NETGEAR ProSafe GSM7224P User Manual
  1. Manuals
  2. Brands
  3. NETGEAR Manuals
  4. Switch
  5. ProSafe GSM7224P
  6. User manual

NETGEAR ProSafe GSM7224P User Manual

Prosafe managed switch command line interface (cli) 9.0.2
Hide thumbs Also See for ProSafe GSM7224P:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
Table of Contents

Advertisement

Quick Links

See also: Software Administration Manual , Installation Manual
350 East Plumeria Drive
San Jose, CA 95134
USA
November 2011
202-10936-01
1.0
ProSafe Managed Switch
Command Line Interface (CLI)

User Manual

9.0.2
GSM5212P
GSM7212F
GSM7212P
GSM7224P
XSM7224S

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the ProSafe GSM7224P and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for NETGEAR ProSafe GSM7224P

Summary of Contents for NETGEAR ProSafe GSM7224P

  • Page 1: User Manual

    ProSafe Managed Switch Command Line Interface (CLI) User Manual 9.0.2 GSM5212P GSM7212F GSM7212P GSM7224P XSM7224S 350 East Plumeria Drive San Jose, CA 95134 November 2011 202-10936-01...

  • Page 2: Technical Support

    NETGEAR, Inc. Technical Support Thank you for choosing NETGEAR. To register your product, get the latest product updates, or get support online, visit us at http://support.netgear.com.

  • Page 3: Table Of Contents

    Contents Chapter 1 Using the Command-Line Interface Licensing and Command Support ....... . 8 Command Syntax .
  • Page 4 ProSafe Managed Switch Static MAC Filtering ......... 136 DHCP L2 Relay Agent Commands .
  • Page 5 ProSafe Managed Switch DVMRP Commands .........324 PIM Commands .
  • Page 6 ProSafe Managed Switch Packet Capture Commands ........560 Serviceability Packet Tracing Commands .
  • Page 7 ProSafe Managed Switch Chapter 15 Command List Index...

  • Page 8: Chapter 1 Using The Command-Line Interface

    Using the Command-Line Interface The command-line interface (CLI) is a text-based way to manage and monitor the system. You can access the CLI by using a direct serial connection or by using a remote logical connection with telnet or SSH. This chapter describes the CLI syntax, conventions, and modes.
  • Page 9 ProSafe Managed Switch are available from your VAR or NETGEAR authorized e-commerce portal. License activation is described in the Software Setup Manual. Command Group or Command XSM7224S GSM7212F/GSM7212P/ GSM7224P/GSM5212P Front Panel Stacking Commands Supported Not supported Non-Stop Forwarding Commands Supported...

  • Page 10: Command Syntax

    ProSafe Managed Switch Command Group or Command XSM7224S GSM7212F/GSM7212P/ GSM7224P/GSM5212P cos-queue random-detect Supported Not supported no cos-queue random-detect Supported Not supported random-detect exponential weighting-constant Supported Not supported no random-detect exponential weighting-constant Supported Not supported random-detect queue-parms Supported Not supported no random-detect queue-parms...

  • Page 11: Command Conventions

    ProSafe Managed Switch Command Conventions In this document, the command name is in bold font. Parameters are in italic font. You must replace the parameter name with an appropriate value, which might be a name or number. Parameters are order dependent. The parameters for a command might include mandatory values, optional values, or keyword choices.

  • Page 12: Unit/Slot/Port Naming Convention

    ProSafe Managed Switch Name with Spaces” forces the system to accept the spaces. Empty strings (““) are not valid user-defined strings. Table 2 describes common parameter values and value formatting. Table 2. Parameter Descriptions Parameter Description ipaddr This parameter is a valid IP address. You can enter the IP address in the following formats: a (32 bits) a.b (8.24 bits) a.b.c (8.8.16 bits)

  • Page 13: Using A Command's "No" Form

    ProSafe Managed Switch The port identifies the specific physical port or logical interface being managed on a given slot. Table 4. Type of Ports Port Type Description Physical Ports The physical ports for each slot are numbered sequentially starting from zero. Logical Interfaces Port-channel or Link Aggregation Group (LAG) interfaces are logical interfaces that are only used for bridging functions.

  • Page 14: Command Modes

    ProSafe Managed Switch • Quality of Service • Management (CLI, Web UI, and SNMP) • IPv6 Management—Allows management of the device through an IPv6 through an IPv6 address without requiring the IPv6 Routing package in the system. The management address can be associated with the network port (front-panel switch ports) and a routine interface (port or VLAN).
  • Page 15 ProSafe Managed Switch Table 5. CLI Command Modes (Continued) Command Mode Prompt Mode Description Interface Config Switch (Interface <unit/slot/port>)# Manages the operation of an interface and provides access to the router interface configuration commands. Switch (Interface Loopback <id>)# Use this mode to set up a physical port for a specific logical connection operation.
  • Page 16 ProSafe Managed Switch Table 6 explains how to enter or exit each mode. Table 6. CLI Mode Access and Exit Command Mode Access Method Exit or Access Previous Mode User EXEC This is the first level of access. To exit, enter logout. Privileged EXEC From the User EXEC mode, enter To exit to the User EXEC mode, enter exit or...

  • Page 17: Command Completion And Abbreviation

    ProSafe Managed Switch Table 6. CLI Mode Access and Exit (Continued) Command Mode Access Method Exit or Access Previous Mode Router RIP From the Global Config mode, To exit to the Global Config mode, enter exit. To Config enter return to the Privileged EXEC mode, enter router rip.

  • Page 18: Cli Error Messages

    ProSafe Managed Switch CLI Error Messages If you enter a command and the system is unable to execute it, an error message appears. Table 7 describes the most common CLI error messages. Table 7. CLI Error Messages Message Text Description % Invalid input detected at '^' marker.

  • Page 19: Using Cli Help

    ProSafe Managed Switch Table 8. CLI Editing Conventions (Continued) Key Sequence Description Ctrl-Y Prints last deleted character Ctrl-Q Enables serial flow Ctrl-S Disables serial flow Ctrl-Z Return to root command prompt Tab, <SPACE> Command-line completion Exit Go to next lower command prompt List available commands, keywords, or parameters Using CLI Help Enter a question mark (?) at the command prompt to display the commands available in the...

  • Page 20: Accessing The Cli

    ProSafe Managed Switch You can also enter a question mark (?) after typing one or more characters of a word to list the available command or parameters that begin with the letters, as shown in the following example: (switch) #show m? mac-addr-table mac-address-table monitor...

  • Page 21: Chapter 2 Stacking Commands

    Stacking Commands This chapter contains the following sections: • Dedicated Port Stacking • Front Panel Stacking Commands • Non-Stop Forwarding Commands • Stack Firmware Synchronization Commands The commands in this chapter are in two functional groups: • Show commands display switch settings, statistics, and other information. •...

  • Page 22: Switch Priority

    ProSafe Managed Switch Note: Switch index can be obtained by executing the show supported switchtype command in User EXEC mode. no member This command removes a switch from the stack. The <unit> is the switch identifier of the switch to be removed from the stack. This command is executed on the Primary Management Unit.
  • Page 23 ProSafe Managed Switch Format switch <oldunit> renumber <newunit> Mode Global Config movemanagement This command moves the Primary Management Unit functionality from one switch to another. The <fromunit> is the switch identifier on the current Primary Management Unit. The <tounit> is the switch identifier on the new Primary Management Unit. Upon execution, the entire stack (including all interfaces in the stack) is unconfigured and reconfigured with the configuration on the new Primary Management Unit.

  • Page 24: Set Slot Disable

    ProSafe Managed Switch indicating the type of the card being preconfigured in the specified slot. The card index is a 32-bit integer. If a card is currently present in the slot that is unconfigured, the configured information will be deleted and the slot will be re-configured with default information for the card.

  • Page 25: Show Slot

    ProSafe Managed Switch removes the configuration from any module inserted into the slot. If a card is disabled, all the ports on the device are operationally disabled and shown as “unplugged” on management screens. Format no set slot disable [<unit/slot> | all] Mode Global Config set slot power...

  • Page 26: Show Supported Cardtype

    ProSafe Managed Switch Term Definition Slot The slot identifier in a <unit/slot> format. Slot Status The slot is empty, full, or has encountered an error Admin State The slot administrative mode is enabled or disabled. Power State The slot power mode is enabled or disabled. Configured Card The model identifier of the card preconfigured in the slot.

  • Page 27: Show Switch

    ProSafe Managed Switch Term Definition Model Identifier The model identifier for the supported card type. Card Description The description for the supported card type. show switch This command displays information about all units in the stack or a single unit when you specify the unit value.

  • Page 28: Show Supported Switchtype

    ProSafe Managed Switch Term Definition Model Identifier The model identifier for this switch. Model Identifier is a 32-character field assigned by the device manufacturer to identify the device. Switch Status The switch status. Possible values are OK, Unsupported, Code Mismatch, Config Mismatch, or Not Present.

  • Page 29: Front Panel Stacking Commands

    ProSafe Managed Switch Front Panel Stacking Commands This section describes the commands you use to view and configure front panel stacking information. stack-port This command sets front panel stacking per port to either stack or ethernet mode. Default stack Format stack-port <unit/slot/port>...

  • Page 30: Non-Stop Forwarding Commands

    ProSafe Managed Switch Term Definition Unit The unit number. Interface The slot and port numbers. Tx Data Rate Trashing data rate in megabits per second on the stacking port. Tx Error Rate Platform-specific number of transmit errors per second. Tx Total Error Platform-specific number of total transmit errors since power-up.

  • Page 31: Show Nsf

    ProSafe Managed Switch continues to be forwarded in hardware while the management functions initialize on the backup unit. NSF is enabled by default on platforms that support it. The administrator can disable NSF to redirect the CPU resources consumed by data checkpointing. If a unit that does not support NSF is connected to the stack, then NSF is disabled on all stack members.

  • Page 32: Initiate Failover

    ProSafe Managed Switch Term Definition Warm Restart Ready Whether the system is ready to perform a nonstop forwarding failover from the management unit to the backup unit. Copy of Running Whether the running configuration on the backup unit includes all changes made Configuration to on the management unit.

  • Page 33: Show Checkpoint Statistics

    ProSafe Managed Switch Format initiate failover Mode Stack Global Config Mode show checkpoint statistics Use this command to display general information about the checkpoint service operation. Format show checkpoint statistics Mode Privileged EXEC Term Description Messages Number of checkpoint messages transmitted to the backup unit. Range: Integer. Def Checkpointed ault:0 Bytes...

  • Page 34: Stack Firmware Synchronization Commands

    ProSafe Managed Switch Stack Firmware Synchronization Commands Stack firmware synchronization provides an automatic mechanism to synchronize the firmware on stack members whose firmware version differs from the version running on the stack manager. This operation can result in either an upgrade or downgrade of firmware on the mismatched stack member.

  • Page 35: No Boot Auto-Copy-Sw

    ProSafe Managed Switch no boot auto-copy-sw This command disables stack firmware synchronization. Format no boot auto-copy-sw Mode Privileged EXEC boot auto-copy-sw trap This command sends SNMP traps related to stack firmware synchronization. Default Enabled Format boot auto-copy-sw trap Mode Privileged EXEC no boot auto-copy-sw trap This command disables sending SNMP traps related to stack firmware synchronization.
  • Page 36 ProSafe Managed Switch Example: (Switch)#show auto-copy-sw Stack Firmware Synchronization Synchronization: Enabled SNMP Trap status: Enabled Allow Downgrade: Enabled Stacking Commands...

  • Page 37: Chapter 3 Switching Commands

    Switching Commands This chapter describes the switching commands available in the managed switch CLI. This chapter contains the following sections: • Port Configuration Commands • Loopback Interface Commands • Spanning Tree Protocol (STP) Commands • VLAN Commands • Double VLAN Commands •...

  • Page 38: Port Configuration Commands

    ProSafe Managed Switch • Port Security Commands • LLDP (802.1AB) Commands • LLDP-MED Commands • Denial of Service Commands • MAC Database Commands • ISDP Commands • Priority-Based Flow Control Commands The commands in this chapter are in three functional groups: •...

  • Page 39: Interface Lag

    ProSafe Managed Switch interface lag This command gives you access to the LAG (link aggregation, or port channel) virtual interface, which allows certain port configurations to be applied to the LAG interface. Type a question mark (?) after entering the interface configuration mode to see the available options. Note: The IP address cannot be assigned to a LAG virtual interface.
  • Page 40 ProSafe Managed Switch no auto-negotiate all This command disables automatic negotiation on all ports. Format no auto-negotiate all Mode Global Config description Use this command to create an alpha-numeric description of the port. Format description <description> Mode Interface Config Use the mtu command to set the maximum transmission unit (MTU) size, in bytes, for frames that ingress or egress the interface.

  • Page 41: Shutdown All

    ProSafe Managed Switch Note: You can use the shutdown command on physical and port-channel (LAG) interfaces, but not on VLAN routing interfaces. Format shutdown Mode Interface Config no shutdown This command enables a port. Format no shutdown Mode Interface Config shutdown all This command disables all ports.

  • Page 42: Speed All

    ProSafe Managed Switch Acceptable Definition Values 100h 100BASE-T half duplex 100f 100BASE-T full duplex 10BASE-T half duplex 10BASE-T full duplex speed all This command sets the speed and duplex setting for all interfaces. Format speed all {<100 | 10> <half-duplex | full-duplex>} Mode Global Config Acceptable...

  • Page 43: Show Port Protocol

    ProSafe Managed Switch Term Definition Physical Mode The desired port speed and duplex mode. If auto-negotiation support is selected, then the duplex mode and speed is set from the auto-negotiation process. Note that the maximum capability of the port (full duplex -100M) is advertised. Otherwise, this object determines the port's duplex mode and transmission rate.

  • Page 44: Loopback Interface Commands

    ProSafe Managed Switch show port status This command displays the Protocol-Based VLAN information for either the entire system, or for the indicated group. Format show port status {<unit/slot/port> | all} Mode Privileged EXEC Term Definition Interface Valid slot and port number separated by forward slashes. Media Type “Copper”...

  • Page 45: Show Interface Loopback

    ProSafe Managed Switch no interface loopback This command removes the loopback interface and associated configuration parameters for the specified loopback interface. Format no interface loopback <loopback-id> Mode Global Config show interface loopback This command displays information about configured loopback interfaces. Format show interface loopback [<loopback-id>] Mode...

  • Page 46: Spanning Tree Protocol (Stp) Commands

    ProSafe Managed Switch Spanning Tree Protocol (STP) Commands This section describes the commands you use to configure Spanning Tree Protocol (STP). STP helps prevent network loops, duplicate messages, and network instability. spanning-tree This command sets the spanning-tree operational mode to enabled. Default enabled Format...

  • Page 47: Spanning-Tree Bpduflood

    ProSafe Managed Switch Format spanning-tree bpdufilter Mode Global Config no spanning-tree bpdufilter default Use this command to disable BPDU Filter on all the edge port interfaces. Default enabled Format no spanning-tree bpdufilter default Mode Global Config spanning-tree bpduflood Use this command to enable BPDU Flood on the interface. Default disabled Format...

  • Page 48: Spanning-Tree Bpdumigrationcheck

    ProSafe Managed Switch spanning-tree bpdumigrationcheck Use this command to force a transmission of rapid spanning tree (RSTP) and multiple spanning tree (MSTP) BPDUs. Use the <unit/slot/port> parameter to transmit a BPDU from a specified interface, or use the all keyword to transmit BPDUs from all interfaces. This command forces the BPDU transmission when you execute it, so the command does not change the system configuration or have a “no”...

  • Page 49: Spanning-Tree Edgeport

    ProSafe Managed Switch spanning-tree edgeport This command specifies that this port is an Edge Port within the common and internal spanning tree. This allows this port to transition to Forwarding State without delay. Default enabled Format spanning-tree edgeport Mode Interface Config no spanning-tree edgeport This command specifies that this port is not an Edge Port within the common and internal spanning tree.

  • Page 50: Spanning-Tree Forward-Time

    ProSafe Managed Switch spanning-tree forward-time This command sets the Bridge Forward Delay parameter to a new value for the common and internal spanning tree. The forward-time value is in seconds within a range of 4 to 30, with the value being greater than or equal to “(Bridge Max Age / 2) + 1”. Default Format spanning-tree forward-time <4-30>...

  • Page 51: Spanning-Tree Max-Age

    ProSafe Managed Switch no spanning-tree tcnguard This command disables the propagation of received topology change notifications and topology changes to other ports. Format no spanning-tree tcnguard Mode Interface Config spanning-tree max-age This command sets the Bridge Max Age parameter to a new value for the common and internal spanning tree.

  • Page 52: Spanning-Tree Mst

    ProSafe Managed Switch spanning-tree mst This command sets the Path Cost or Port Priority for this port within the multiple spanning tree instance or in the common and internal spanning tree. If you specify an <mstid> parameter that corresponds to an existing multiple spanning tree instance, the configurations are done for that multiple spanning tree instance.

  • Page 53: Spanning-Tree Mst Instance

    ProSafe Managed Switch If you specify port-priority, this command sets the priority for this port within a specific multiple spanning tree instance or the common and internal spanning tree instance, depending on the <mstid> parameter, to the default value. Format no spanning-tree mst <mstid>...

  • Page 54: Spanning-Tree Mst Vlan

    ProSafe Managed Switch no spanning-tree mst priority This command sets the bridge priority for a specific multiple spanning tree instance to the default value. The parameter <mstid> is a number that corresponds to the desired existing multiple spanning tree instance. If 0 (defined as the default CIST ID) is passed as the <mstid>, this command sets the Bridge Priority parameter for the common and internal spanning tree to the default value.

  • Page 55: Spanning-Tree Port Mode All

    ProSafe Managed Switch no spanning-tree port mode This command sets the Administrative Switch Port State for this port to disabled. Format no spanning-tree port mode Mode Interface Config spanning-tree port mode all This command sets the Administrative Switch Port State for all ports to enabled. Default enabled Format...

  • Page 56: Show Spanning-Tree

    ProSafe Managed Switch Format spanning-tree bpduforwarding Mode Global Config no spanning-tree bpduforwarding This command will cause the STP BPDU packets received from the network to be dropped if STP is disabled. Format no spanning-tree bpduforwarding Mode Global Config show spanning-tree This command displays spanning tree settings for the common and internal spanning tree.

  • Page 57: Show Spanning-Tree Brief

    ProSafe Managed Switch Term Definition Bridge Hold Minimum time between transmission of Configuration Bridge Protocol Data Units Time (BPDUs). Bridge Max Bridge max-hops count for the device. Hops CST Regional Bridge Identifier of the CST Regional Root. It is made up using the bridge priority and the Root base MAC address of the bridge.

  • Page 58: Show Spanning-Tree Interface

    ProSafe Managed Switch show spanning-tree interface This command displays the settings and parameters for a specific switch port within the common and internal spanning tree. The <unit/slot/port> is the desired switch port. The following details are displayed on execution of the command. Format show spanning-tree interface <unit/slot/port>...
  • Page 59 ProSafe Managed Switch corresponds to the desired existing multiple spanning tree instance. The <unit/slot/port> is the desired switch port. Format show spanning-tree mst port detailed <mstid> <unit/slot/port> Mode • Privileged EXEC • User EXEC Term Definition MST Instance ID The ID of the existing MST instance. Port Identifier The port identifier for the specified port within the selected MST instance.
  • Page 60 ProSafe Managed Switch tree. The <unit/slot/port> is the desired switch port. In this case, the following are displayed. Term Definition Port Identifier The port identifier for this port within the CST. Port Priority The priority of the port within the CST. Port Forwarding The forwarding state of the port within the CST.

  • Page 61: Show Spanning-Tree Mst Port Summary

    ProSafe Managed Switch Term Definition Transitions Into The number of times this interface has transitioned into loop inconsistent state. Loop Inconsistent State Transitions Out The number of times this interface has transitioned out of loop inconsistent state. of Loop Inconsistent State show spanning-tree mst port summary This command displays the settings of one or all ports within the specified multiple spanning...

  • Page 62: Show Spanning-Tree Mst Summary

    ProSafe Managed Switch Term Definition mstid The ID of the existing MST instance. Interface unit/slot/port STP Mode Indicates whether spanning tree is enabled or disabled on the port. Type Currently not used. STP State The forwarding state of the port in the specified spanning tree instance. Port Role The role of the specified port within the spanning tree.

  • Page 63: Vlan Commands

    ProSafe Managed Switch Term Definition Spanning Tree Enabled or disabled. Adminmode Spanning Tree Version of 802.1 currently supported (IEEE 802.1s, IEEE 802.1w, or IEEE 802.1d) based Version upon the Force Protocol Version parameter. BPDU Guard Enabled or disabled. Mode BPDU Filter Enabled or disabled.

  • Page 64: Vlan Database

    ProSafe Managed Switch vlan database This command gives you access to the VLAN Config mode, which allows you to configure VLAN characteristics. Format vlan database Mode Privileged EXEC network mgmt_vlan This command configures the Management VLAN ID. Default Format network mgmt_vlan <1-4093> Mode Privileged EXEC no network mgmt_vlan...

  • Page 65: Vlan Acceptframe

    ProSafe Managed Switch vlan acceptframe This command sets the frame acceptance mode per interface. For VLAN Only mode, untagged frames or priority frames received on this interface are discarded. For Admit All mode, untagged frames or priority frames received on this interface are accepted and assigned the value of the interface VLAN ID for this port.

  • Page 66: Vlan Makestatic

    ProSafe Managed Switch vlan makestatic This command changes a dynamically created VLAN (one that is created by GVRP registration) to a static VLAN (one that is permanently configured and defined). The ID is a valid VLAN identification number. VLAN range is 2-4093. Format vlan makestatic <2-4093>...

  • Page 67: Vlan Participation All

    ProSafe Managed Switch vlan participation all This command configures the degree of participation for all interfaces in a VLAN. The ID is a valid VLAN identification number. Format vlan participation all {exclude | include | auto} <1-4093> Mode Global Config You can use the following participation options: Participation Definition...

  • Page 68: Vlan Port Ingressfilter All

    ProSafe Managed Switch assigned the value of the interface VLAN ID for this port. With either option, VLAN tagged frames are forwarded in accordance with the IEEE 802.1Q VLAN Specification. Format no vlan port acceptframe all Mode Global Config vlan port ingressfilter all This command enables ingress filtering for all ports.

  • Page 69: Vlan Port Tagging All

    ProSafe Managed Switch vlan port tagging all This command configures the tagging behavior for all interfaces in a VLAN to enabled. If tagging is enabled, traffic is transmitted as tagged frames. If tagging is disabled, traffic is transmitted as untagged frames. The ID is a valid VLAN identification number. Format vlan port tagging all <1-4093>...

  • Page 70: Vlan Protocol Group Add Protocol

    ProSafe Managed Switch no vlan protocol group name This command removes the name from a protocol-based VLAN groups. Format group name <1-128> no vlan protocol Mode Global Config vlan protocol group add protocol This command adds the protocol to the protocol-based VLAN identified by groupid. A group may have more than one protocol associated with it.

  • Page 71: Protocol Vlan Group

    ProSafe Managed Switch no protocol group This command removes the <vlanid> from this protocol-based VLAN group that is identified by this <groupid>. Format no protocol group <groupid> <vlanid> Mode VLAN Config protocol vlan group This command adds the physical interface to the protocol-based VLAN identified by <groupid>.

  • Page 72: Vlan Pvid

    ProSafe Managed Switch no protocol vlan group all This command removes all interfaces from this protocol-based VLAN group that is identified by this <groupid>. Format no protocol vlan group all <groupid> Mode Global Config vlan pvid This command changes the VLAN ID per interface. Default Format vlan pvid <1-4093>...

  • Page 73: Vlan Association Subnet

    ProSafe Managed Switch vlan association subnet This command associates a VLAN to a specific IP-subnet. Format vlan association subnet <ipaddr> <netmask> <1-4093> Mode VLAN Config no vlan association subnet This command removes association of a specific IP-subnet to a VLAN. Format no vlan association subnet <ipaddr>...

  • Page 74: Show Vlan

    ProSafe Managed Switch show vlan <vlanid> This command displays detailed information, including interface information, for a specific VLAN. The ID is a valid VLAN identification number. Format show vlan <vlanid> Mode • Privileged EXEC • User EXEC Term Definition VLAN ID There is a VLAN Identifier (VID) associated with each VLAN.

  • Page 75: Show Vlan Brief

    ProSafe Managed Switch show vlan brief This command displays a list of all configured VLANs. Format show vlan brief Mode • Privileged EXEC • User EXEC Term Definition VLAN ID There is a VLAN Identifier (vlanid) associated with each VLAN. The range of the VLAN ID is 1 to 3965.

  • Page 76: Double Vlan Commands

    ProSafe Managed Switch show vlan association subnet This command displays the VLAN associated with a specific configured IP-Address and net mask. If no IP address and net mask are specified, the VLAN associations of all the configured IP-subnets are displayed. Format show vlan association subnet [<ipaddr>...

  • Page 77: Dvlan-Tunnel Ethertype

    ProSafe Managed Switch dvlan-tunnel ethertype This command configures the ether-type for all interfaces. The ether-type may have the values of 802.1Q, vMAN, or custom. If the ether-type has a value of custom, the optional value of the custom ether type must be set to a value from 0 to 65535. Default vman Format...

  • Page 78: Show Dot1Q-Tunnel

    ProSafe Managed Switch no mode dvlan-tunnel This command is used to disable Double VLAN Tunneling on the specified interface. By default, Double VLAN Tunneling is disabled. Format no mode dvlan-tunnel Mode Interface Config show dot1q-tunnel Use this command without the optional parameters to display all interfaces enabled for Double VLAN Tunneling.

  • Page 79: Voice Vlan Commands

    ProSafe Managed Switch Term Definition Mode The administrative mode through which Double VLAN Tunneling can be enabled or disabled. The default value for this field is disabled. EtherType A 2-byte hex EtherType to be used as the first 16 bits of the DVLAN tunnel. There are three different EtherType tags.

  • Page 80: Voice Vlan Data Priority

    ProSafe Managed Switch Format voice vlan {<id> | dot1p <priority> | none | untagged} Mode Interface Config You can configure Voice VLAN in one of three different ways: Parameter Description dot1p Configure the IP phone to use 802.1p priority tagging for voice traffic and to use the default native VLAN (VLAN 0) to carry all traffic.

  • Page 81: Provisioning (Ieee 802.1P) Commands

    ProSafe Managed Switch When the interface is specified: Term Definition Voice VLAN Interface Mode The admin mode of the Voice VLAN on the interface. Voice VLAN ID The Voice VLAN ID Voice VLAN Priority The do1p priority for the Voice VLAN on the port. Voice VLAN Untagged The tagging option for the Voice VLAN traffic.

  • Page 82: Switchport Protected (Interface Config)

    ProSafe Managed Switch If an interface is configured as a protected port, and you add that interface to a Port Channel or Link Aggregation Group (LAG), the protected port status becomes operationally disabled on the interface, and the interface follows the configuration of the LAG port. However, the protected port configuration for the interface remains unchanged.

  • Page 83: Show Switchport Protected

    ProSafe Managed Switch Default unprotected Format switchport protected <groupid> Mode Interface Config no switchport protected (Interface Config) Use this command to configure a port as unprotected. The groupid parameter identifies the set of protected ports to which this interface is assigned. Format no switchport protected <groupid>...

  • Page 84: Private Group Commands

    ProSafe Managed Switch Private Group Commands This section describes commands used to configure private group and view private group configuration information. Private group can be used to create a group of ports that can or can not share traffic to each others in the same VLAN group.

  • Page 85: Garp Commands

    ProSafe Managed Switch default, the mode is “community” mode that each member port can forward traffic to other members in the same group, but not to members in other groups. Format private-group name <privategroup-name> [<groupid>] [mode {community|isolated}] Mode Global Config no private-group name This command is used to remove the specified private group.

  • Page 86: Set Garp Timer Leave

    ProSafe Managed Switch multicast group. This command has an effect only when GVRP is enabled. The time is from 10 to 100 (centiseconds). The value 20 centiseconds is 0.2 seconds. Default Format set garp timer join <10-100> Mode • Interface Config •...

  • Page 87: Gvrp Commands

    ProSafe Managed Switch range from 200 to 6000 (centiseconds). The value 1000 centiseconds is 10 seconds. You can use this command on all ports (Global Config mode) or a single port (Interface Config mode), and it only has an effect only when GVRP is enabled. Default 1000 Format...

  • Page 88: Set Gvrp Adminmode

    ProSafe Managed Switch set gvrp adminmode This command enables GVRP on the system. Default disabled Format set gvrp adminmode Mode Privileged EXEC no set gvrp adminmode This command disables GVRP. Format no set gvrp adminmode Mode Privileged EXEC set gvrp interfacemode This command enables GVRP on a single port (Interface Config mode) or all ports (Global Config mode).

  • Page 89: Gmrp Commands

    ProSafe Managed Switch Term Definition Interface Valid slot and port number separated by forward slashes. Join Timer The interval between the transmission of GARP PDUs registering (or re-registering) membership for an attribute. Current attributes are a VLAN or multicast group. There is an instance of this timer on a per-Port, per-GARP participant basis.

  • Page 90: Set Gmrp Interfacemode

    ProSafe Managed Switch no set gmrp adminmode This command disables GARP Multicast Registration Protocol (GMRP) on the system. Format no set gmrp adminmode Mode Privileged EXEC set gmrp interfacemode This command enables GARP Multicast Registration Protocol on a single interface (Interface Config mode) or all interfaces (Global Config mode).

  • Page 91: Port-Based Network Access Control Commands

    ProSafe Managed Switch Term Definition Interface The unit/slot/port of the interface that this row in the table describes. Join Timer The interval between the transmission of GARP PDUs registering (or re-registering) membership for an attribute. Current attributes are a VLAN or multicast group. There is an instance of this timer on a per-port, per-GARP participant basis.

  • Page 92: Clear Dot1X Statistics

    ProSafe Managed Switch clear dot1x statistics This command resets the 802.1x statistics for the specified port or for all ports. Format clear dot1x statistics {<unit/slot/port> | all} Mode Privileged EXEC clear radius statistics This command is used to clear all RADIUS statistics. Format clear radius statistics Mode...

  • Page 93: Dot1X Max-Req

    ProSafe Managed Switch devices’ MAC address as an identifier. This requires that the known and allowable MAC address and corresponding access rights be pre-populated in the authentication server. MAB works only when the port control mode of the port is MAC-based. Format dot1x mac-auth-bypass Mode...

  • Page 94: Dot1X Port-Control

    ProSafe Managed Switch no dot1x max-users This command resets the maximum number of clients allowed per port to its default value. Format no dot1x max-req Mode Interface Config dot1x port-control This command sets the authentication mode to use on the specified port. Select force-unauthorized to specify that the authenticator PAE unconditionally sets the controlled port to unauthorized.

  • Page 95: Dot1X Re-Authenticate

    ProSafe Managed Switch no dot1x port-control all This command sets the authentication mode on all ports to the default value. Format no dot1x port-control all Mode Global Config dot1x re-authenticate This command begins the re-authentication sequence on the specified port. This command is only valid if the control mode for the specified port is “auto”...

  • Page 96: Dot1X Timeout

    ProSafe Managed Switch no dot1x system-auth-control This command is used to disable the dot1x authentication support on the switch. Format no dot1x system-auth-control Mode Global Config dot1x timeout This command sets the value, in seconds, of the timer used by the authenticator state machine on this port.

  • Page 97: Dot1X User

    ProSafe Managed Switch no dot1x timeout This command sets the value, in seconds, of the timer used by the authenticator state machine on this port to the default values. Depending on the token used, the corresponding default values are set. Format no dot1x timeout {guest-vlan-period | reauth-period | quiet-period | tx-period | supp-timeout | server-timeout}...

  • Page 98: Clear Dot1X Authentication-History

    ProSafe Managed Switch clear dot1x authentication-history This command clears the authentication history table captured during successful and unsuccessful authentication on all interface or the specified interface. Format clear dot1x authentication-history [unit/slot/port] Mode Global Config dot1x dynamic-vlan enable Use this command to enable the switch to create VLANs dynamically when a RADIUS assigned VLAN does not exist in the switch.

  • Page 99: Show Authentication Methods

    ProSafe Managed Switch show dot1x authentication-history This command displays 802.1X authentication events and information during successful and unsuccessful Dot1x authentication process for all interfaces or the specified interface. Use the optional keywords to display only failure authentication events in summary or in detail. Format show dot1x authentication-history {unit/slot/port | all} [failedauth-only] [detail]...

  • Page 100: Show Dot1X

    ProSafe Managed Switch show dot1x This command is used to show a summary of the global dot1x configuration, summary information of the dot1x configuration for a specified port or all ports, the detailed dot1x configuration for a specified port and the dot1x statistics for a specified port - depending on the tokens used.
  • Page 101 ProSafe Managed Switch If you use the optional parameter 'detail <unit/slot/port>', the detailed dot1x configuration for the specified port is displayed. Term Definition Port The interface whose configuration is displayed. Protocol Version The protocol version associated with this port. The only possible value is 1, corresponding to the first version of the dot1x specification.
  • Page 102 ProSafe Managed Switch Term Definition Reauthentication The timer used by the authenticator state machine on this port to determine when Period reauthentication of the supplicant takes place. The value is expressed in seconds and will be in the range of 1 and 65535. Reauthentication Indicates if reauthentication is enabled on this port.

  • Page 103: Show Dot1X Clients

    ProSafe Managed Switch If you use the optional parameter statistics <unit/slot/port>, the following dot1x statistics for the specified port appear. Term Definition Port The interface whose statistics are displayed. EAPOL Frames The number of valid EAPOL frames of any type that have been received by this Received authenticator.

  • Page 104: Show Dot1X Users

    ProSafe Managed Switch Term Definition Clients Indicates the number of the Dot1x clients authenticated using Monitor mode. Authenticated using Monitor Mode Clients Indicates the number of Dot1x clients authenticated using 802.1x authentication process. Authenticated using Dot1x Logical The logical port number associated with a client. Interface Interface The physical port to which the supplicant is associated.

  • Page 105: 802.1X Supplicant Commands

    ProSafe Managed Switch 802.1X Supplicant Commands 802.1X (“dot1x”) supplicant functionality is on point-to-point ports. The administrator can configure the user name and password used in authentication and capabilities of the supplicant port. dot1x pae Use this command to set the port’s dot1x role. The port can serve as either a supplicant or an authenticator.

  • Page 106: Dot1X Supplicant Max-Start

    ProSafe Managed Switch dot1x supplicant max-start Use this command to configure the number of attempts that the supplicant makes to find the authenticator before the supplicant assumes that there is no authenticator. Default Format dot1x supplicant max-start <1-10> Mode Interface Config no dot1x supplicant max-start Use this command to set the max-start value to the default.

  • Page 107: Storm-Control Commands

    ProSafe Managed Switch no dot1x supplicant timeout held-period Use this command to set the held-period value to the default value. Format no dot1x supplicant timeout held-period Mode Interface Config dot1x supplicant timeout auth-period Use this command to configure the authentication period timer interval to wait for the next EAP request challenge from the authenticator.

  • Page 108: Storm-Control Broadcast

    ProSafe Managed Switch multicast, or unicast traffic will be dropped. The Storm-Control feature allows you to limit the rate of specific types of packets through the switch on a per-port, per-type, basis. Configuring a storm-control level also enables that form of storm-control. Disabling a storm-control level (using the “no”...

  • Page 109: Storm-Control Broadcast Rate

    ProSafe Managed Switch interface increases beyond the configured threshold, the traffic is dropped. Therefore, the rate of broadcast traffic is limited to the configured threshold. Default Format storm-control broadcast level <0-100> Mode Interface Config no storm-control broadcast level This command sets the broadcast storm recovery threshold to the default value for an interface and disables broadcast storm recovery.

  • Page 110: Storm-Control Broadcast Level (Global)

    ProSafe Managed Switch Format storm-control broadcast Mode Global Config no storm-control broadcast This command disables broadcast storm recovery mode for all interfaces. Format no storm-control broadcast Mode Global Config storm-control broadcast level (Global) This command configures the broadcast storm recovery threshold for all interfaces as a percentage of link speed and enables broadcast storm recovery.

  • Page 111: Storm-Control Multicast

    ProSafe Managed Switch no storm-control broadcast rate This command sets the broadcast storm recovery threshold to the default value for all interfaces and disables broadcast storm recovery. Format no storm-control broadcast rate Mode Global Config storm-control multicast This command enables multicast storm recovery mode for an interface. If the mode is enabled, multicast storm recovery is active, and if the rate of L2 multicast traffic ingressing on an interface increases beyond the configured threshold, the traffic will be dropped.

  • Page 112: Storm-Control Multicast Rate

    ProSafe Managed Switch storm-control multicast rate Use this command to configure the multicast storm recovery threshold for an interface in packets per second. If the mode is enabled, multicast storm recovery is active, and if the rate of L2 broadcast traffic ingressing on an interface increases beyond the configured threshold, the traffic is dropped.

  • Page 113: Storm-Control Multicast Rate (Global)

    ProSafe Managed Switch interface increases beyond the configured threshold, the traffic will be dropped. Therefore, the rate of multicast traffic will be limited to the configured threshold. Default Format storm-control multicast level <0-100> Mode Global Config no storm-control multicast level This command sets the multicast storm recovery threshold to the default value for all interfaces and disables multicast storm recovery.

  • Page 114: Storm-Control Unicast Level

    ProSafe Managed Switch Format storm-control unicast Mode Interface Config no storm-control unicast This command disables unicast storm recovery mode for an interface. Format no storm-control unicast Mode Interface Config storm-control unicast level This command configures the unicast storm recovery threshold for an interface as a percentage of link speed, and enables unicast storm recovery.

  • Page 115: Storm-Control Unicast (Global)

    ProSafe Managed Switch no storm-control unicast rate This command sets the unicast storm recovery threshold to the default value for an interface and disables unicast storm recovery. Format no storm-control unicast rate Mode Interface Config storm-control unicast (Global) This command enables unicast storm recovery mode for all interfaces. If the mode is enabled, unicast storm recovery is active, and if the rate of unknown L2 unicast (destination lookup failure) traffic ingressing on an interface increases beyond the configured threshold, the traffic will be dropped.

  • Page 116: Storm-Control Unicast Rate (Global)

    ProSafe Managed Switch no storm-control unicast level This command sets the unicast storm recovery threshold to the default value and disables unicast storm recovery for all interfaces. Format no storm-control unicast level Mode Global Config storm-control unicast rate (Global) Use this command to configure the unicast storm recovery threshold for all interfaces in packets per second.

  • Page 117: Show Storm-Control

    ProSafe Managed Switch no storm-control flowcontrol This command disables 802.3x flow control for the switch. Note: This command only applies to full-duplex mode ports. Format no storm-control flowcontrol Mode Global Config show storm-control This command displays switch configuration information. If you do not use any of the optional parameters, this command displays global storm control configuration parameters: •...

  • Page 118: Port-Channel/Lag (802.3Ad) Commands

    ProSafe Managed Switch Term Definition Ucast Mode Shows whether the Unknown Unicast or DLF (Destination Lookup Failure) storm control mode is enabled or disabled. Ucast Level The Unknown Unicast or DLF (Destination Lookup Failure) storm control level. Port-Channel/LAG (802.3ad) Commands This section describes the commands you use to configure port-channels, which are also known as link aggregation groups (LAGs).

  • Page 119: Deleteport (Global Config)

    ProSafe Managed Switch deleteport (Interface Config) This command deletes the port from the port-channel (LAG). The interface is a logical unit/slot/port number or a group ID of a configured port-channel. Format deleteport {<logical unit/slot/port>|lag <lag-group-id>} Mode Interface Config deleteport (Global Config) This command deletes all configured ports from the port-channel (LAG).

  • Page 120: Lacp Actor Admin State Individual

    ProSafe Managed Switch Format lacp collector max-delay <delay> Mode Interface Config Note: This command is only applicable to port-channel interfaces. no lacp collector max delay Use this command to configure the default port-channel collector max delay. Format no lacp collector max-delay Mode Interface Config lacp actor admin...

  • Page 121: Lacp Actor Admin State Longtimeout

    ProSafe Managed Switch Note: This command is only applicable to physical interfaces. no lacp actor admin state individual Use this command to set the LACP actor admin state to aggregation. Format no lacp actor admin state individual Mode Interface Config lacp actor admin state longtimeout Use this command to set LACP actor admin state to longtimeout.

  • Page 122: Lacp Actor Port Priority

    ProSafe Managed Switch no lacp actor admin state passive Use this command to set the LACP actor admin state to active. Format no lacp actor admin state passive Mode Interface Config lacp actor port priority Use this command to configure the priority value assigned to the Aggregation Port. The valid range for <priority>...

  • Page 123: Lacp Partner Admin State Individual

    ProSafe Managed Switch no lacp actor system priority Use this command to configure the priority value associated with the Actor’s SystemID. Format no lacp actor system priority Mode Interface Config lacp partner admin key Use this command to configure the administrative value of the Key for the protocol partner. The valid range for <key>...

  • Page 124: Lacp Partner Admin State Longtimeout

    ProSafe Managed Switch lacp partner admin state longtimeout Use this command to set LACP partner admin state to longtimeout. Format lacp partner admin state longtimeout Mode Interface Config Note: This command is only applicable to physical interfaces. no lacp partner admin state longtimeout Use this command to set the LACP partner admin state to short timeout.

  • Page 125: Lacp Partner Port Id

    ProSafe Managed Switch lacp partner port id Use this command to configure the LACP partner port id. The valid range for <port-id> is 0 to 65535. Default 0x80 Format lacp partner portid <port-id> Mode Interface Config Note: This command is only applicable to physical interfaces. no lacp partner port id Use this command to set the LACP partner port id to the default.

  • Page 126: Lacp Partner System Priority

    ProSafe Managed Switch lacp partner system id Use this command to configure the 6-octet MAC Address value representing the administrative value of the Aggregation Port’s protocol Partner’s System ID. The valid range of <system-id> is 00:00:00:00:00:00 - FF:FF:FF:FF:FF. Default 00:00:00:00:00:00 Format lacp partner system id <system-id>...

  • Page 127: Port Lacpmode

    ProSafe Managed Switch port-channel static This command enables the static mode on a port-channel (LAG) interface. By default the static mode for a new port-channel is disabled, which means the port-channel is dynamic. However if the maximum number of allowable dynamic port-channels are already present in the system, the static mode for a new port-channel enabled, which means the port-channel is static.You can only use this command on port-channel interfaces.

  • Page 128: Port Lacptimeout (Global Config)

    ProSafe Managed Switch no port lacpmode enable all This command disables Link Aggregation Control Protocol (LACP) on all ports. Format no port lacpmode enable all Mode Global Config port lacptimeout (Interface Config) This command sets the timeout on a physical interface of a particular device type (actor or partner) to either long or short timeout.

  • Page 129: Port-Channel Adminmode

    ProSafe Managed Switch port-channel adminmode This command enables a port-channel (LAG). This command sets every configured port-channel with the same administrative mode setting. Format port-channel adminmode all Mode Global Config no port-channel adminmode This command disables a port-channel (LAG). This command clears every configured port-channel with the same administrative mode setting.
  • Page 130 ProSafe Managed Switch • MODULO-N (where N is the number of active link members in a LAG) operation based on the number of ports in the LAG • Packet attributes selection based on the packet type: For L2 packets, source and destination MAC address are used for hash computation.

  • Page 131: Show Lacp Actor

    ProSafe Managed Switch port-channel name This command defines a name for the port-channel (LAG). The interface is a logical unit/slot/port for a configured port-channel, and <name> is an alphanumeric string up to 15 characters. Format port-channel name {<logical unit/slot/port> | all | <name>} Mode Global Config port-channel system priority...

  • Page 132: Show Lacp Partner

    ProSafe Managed Switch show lacp partner Use this command to display LACP partner attributes. Format show lacp partner {<unit/slot/port>|all} Mode Privileged EXEC The following output parameters are displayed. Parameter Description System Priority The administrative value of priority associated with the Partner’s System ID. System ID The value representing the administrative value of the Aggregation Port’s protocol Partner’s System ID.
  • Page 133 ProSafe Managed Switch show port-channel This command displays the static capability of all port-channels (LAGs) on the device as well as a summary of individual port-channels. Format show port-channel Mode • Privileged EXEC • User EXEC Term Definition Static This field displays whether or not the device has static capability enabled. Capability For each port-channel the following information is displayed: Term...

  • Page 134: Port Mirroring

    ProSafe Managed Switch Term Definition Mbr Ports A listing of the ports that are members of this port-channel (LAG), in unit/slot/port notation. There can be a maximum of eight ports assigned to a given port-channel (LAG). Device Timeout For each port, lists the timeout (long or short) for Device Type (actor or partner). Port Speed Speed of the port-channel port.

  • Page 135: Show Monitor Session

    ProSafe Managed Switch destination interface <unit/slot/port> to remove the specified interface from the port monitoring session. Use the mode parameter to disable the administrative mode of the session Note: Since the current version of 7000 series software only supports one session, if you do not supply optional parameters, the behavior of this command is similar to the behavior of the no monitor command.

  • Page 136: Static Mac Filtering

    ProSafe Managed Switch Term Definition Session ID An integer value used to identify the session. Its value can be anything between 1 and the maximum number of mirroring sessions allowed on the platform. Admin Mode Indicates whether the Port Mirroring feature is enabled or disabled for the session identified with <session-id>.

  • Page 137: Macfilter Adddest

    ProSafe Managed Switch no macfilter This command removes all filtering restrictions and the static MAC filter entry for the MAC address <macaddr> on the VLAN <vlanid>. The <macaddr> parameter must be specified as a 6-byte hexadecimal number in the format of b1:b2:b3:b4:b5:b6. The <vlanid>...

  • Page 138: Macfilter Addsrc

    ProSafe Managed Switch Note: Configuring a destination port list is only valid for multicast MAC addresses. Format macfilter adddest all <macaddr> <vlanid> Mode Global Config no macfilter adddest all This command removes all ports from the destination filter set for the MAC filter with the given <macaddr>...

  • Page 139: Show Mac-Address-Table Static

    ProSafe Managed Switch 6-byte hexadecimal number in the format of b1:b2:b3:b4:b5:b6. The <vlanid> parameter must identify a valid VLAN. Format macfilter addsrc all <macaddr> <vlanid> Mode Global Config no macfilter addsrc all This command removes all interfaces to the source filter set for the MAC filter with the MAC address of <macaddr>...

  • Page 140: Dhcp L2 Relay Agent Commands

    ProSafe Managed Switch Term Definition Mac Address A unicast MAC address for which the switch has forwarding and or filtering information. As the data is gleaned from the MFDB, the address will be a multicast address. The format is 6 or 8 two-digit hexadecimal numbers that are separated by colons, for example 01:23:45:67:89:AB.

  • Page 141: Dhcp L2Relay Vlan

    ProSafe Managed Switch Separate non-consecutive IDs with a comma (,), and do not insert spaces or zeros in between the range. Use a dash (–) for the range. Format dhcp l2relay circuit-id vlan <vlan-list> Mode Global Config no dhcp l2relay circuit-id vlan Use this parameter to clear the DHCP Option-82 Circuit ID for a VLAN.

  • Page 142: Dhcp L2Relay Trust

    ProSafe Managed Switch no dhcp l2relay vlan Use this command to disable the DHCP L2 Relay agent for a set of VLANs. Format no dhcp l2relay vlan <vlan-list> Mode Global Config dhcp l2relay trust Use this command to configure an interface or range of interfaces as trusted for Option-82 reception.

  • Page 143: Show Dhcp L2Relay Interface

    ProSafe Managed Switch show dhcp l2relay interface Use this command to display DHCP L2 relay configuration specific to interfaces. Format show dhcp l2relay interface {all | interface-num} Mode Privileged EXEC Example: The following shows example CLI display output for the command. (switch) #show dhcp l2relay interface all DHCP L2 Relay is Enabled.

  • Page 144: Dhcp Client Commands

    ProSafe Managed Switch Enabled Enabled broadcom Enabled Disabled --NULL— Enabled Disabled --NULL— Enabled Disabled --NULL— Enabled Disabled --NULL-- DHCP Client Commands DHCP Client can include vendor and configuration information in DHCP client requests relayed to a DHCP server. This information is included in DHCP Option 60, Vendor Class Identifier.

  • Page 145: Dhcp Snooping Configuration Commands

    ProSafe Managed Switch show dhcp client vendor-id-option Use this command to display the configured administration mode of the vendor-id-option and the vendor-id string to be included in Option-43 in DHCP requests. Format show dhcp client vendor-id-option Mode Privileged EXEC Example: The following shows example CLI display output for the command. (switch) #show dhcp client vendor-id-option DHCP Client Vendor Identifier Option ...

  • Page 146: Ip Dhcp Snooping Database

    ProSafe Managed Switch no ip dhcp snooping vlan Use this command to disable DHCP Snooping on VLANs. Format no ip dhcp snooping vlan <vlan-list> Mode Global Config ip dhcp snooping verify mac-address Use this command to enable verification of the source MAC address with the client hardware address in the received DCHP message.

  • Page 147: Ip Dhcp Snooping Binding

    ProSafe Managed Switch no ip dhcp snooping database write-delay Use this command to set the write delay value to the default value. Format no ip dhcp snooping database write-delay Mode Global Config ip dhcp snooping binding Use this command to configure static DHCP Snooping binding. Format ip dhcp snooping binding <mac-address>...

  • Page 148: Ip Dhcp Snooping Trust

    ProSafe Managed Switch Format ip dhcp snooping limit {rate pps [burst interval seconds]} Mode Interface Config no ip dhcp snooping limit Use this command to set the rate at which the DHCP Snooping messages come, and the burst level, to the defaults. Format no ip dhcp snooping limit Mode...

  • Page 149: Ip Verify Source

    ProSafe Managed Switch ip verify source Use this command to configure the IPSG source ID attribute to filter the data traffic in the hardware. Source ID is the combination of IP address and MAC address. Normal command allows data traffic filtration based on the IP address. With the “port-security” option, the data traffic will be filtered based on the IP and MAC addresses.

  • Page 150: Show Ip Dhcp Snooping Binding

    ProSafe Managed Switch show ip dhcp snooping binding Use this command to display the DHCP Snooping binding entries. To restrict the output, use the following options: • Dynamic: Restrict the output based on DCHP snooping. • Interface: Restrict the output based on a specific interface. •...

  • Page 151: Show Ip Dhcp Snooping Database

    ProSafe Managed Switch show ip dhcp snooping database Use this command to display the DHCP Snooping configuration related to the database persistency. Format show ip dhcp snooping database Mode • Privileged EXEC • User EXEC Term Definition Agent URL Bindings database agent URL. Write Delay The maximum write time to write the database into local or remote.

  • Page 152: Clear Ip Dhcp Snooping Binding

    ProSafe Managed Switch Term Definition Client Ifc Represents the number of DHCP release and Deny messages received on the different Mismatch ports than learned previously. DHCP Server Represents the number of DHCP server messages received on Untrusted ports. Msgs Rec’d Example: The following shows example CLI display output for the command.

  • Page 153: Show Ip Verify Source

    ProSafe Managed Switch show ip verify source Use this command to display the IPSG configurations on all ports. Format show ip verify source Mode • Privileged EXEC • User EXEC Term Definition Interface Interface address in unit/slot/port format. Filter Type Is one of two values: •...

  • Page 154: Dynamic Arp Inspection Commands

    ProSafe Managed Switch Term Definition VLAN VLAN for the entry. Interface IP address of the interface in unit/slot/port format. The following shows sample CLI display output for the command. (switch) #show ip source binding MAC Address IP Address Type Vlan Interface ----------------- ---------------...

  • Page 155: Ip Arp Inspection Validate

    ProSafe Managed Switch ip arp inspection validate Use this command to enable additional validation checks like source-mac validation, destination-mac validation, and ip address validation on the received ARP packets. Each command overrides the configuration of the previous command. For example, if a command enables src-mac and dst-mac validations, and a second command enables IP validation only, the src-mac and dst-mac validations are disabled as a result of the second command.

  • Page 156: Ip Arp Inspection Limit

    ProSafe Managed Switch no ip arp inspection trust Use this command to configure an interface as untrusted for Dynamic ARP Inspection. Format no ip arp inspection trust Mode Interface Config ip arp inspection limit Use this command to configure the rate limit and burst interval values for an interface. Configuring none for the limit means the interface is not rate limited for Dynamic ARP Inspections.

  • Page 157: Permit Ip Host Mac Host

    ProSafe Managed Switch no ip arp inspection filter Use this command to unconfigure the ARP ACL used to filter invalid ARP packets on a list of comma-separated VLAN ranges. Format no ip arp inspection filter acl-name vlan vlan-list [static] Mode Global Config arp access-list Use this command to create an ARP ACL.

  • Page 158: Show Ip Arp Inspection Statistics

    ProSafe Managed Switch the given VLAN list. The global configuration includes the source mac validation, destination mac validation and invalid IP validation information. Format show ip arp inspection [vlan <vlan-list>] Mode • Privileged EXEC • User EXEC Term Definition Source MAC Displays whether Source MAC Validation of ARP frame is enabled or disabled.

  • Page 159: Clear Ip Arp Inspection Statistics

    ProSafe Managed Switch Term Definition VLAN The VLAN ID for each displayed row. Forwarded The total number of valid ARP packets forwarded in this VLAN. Dropped The total number of not valid ARP packets dropped in this VLAN. DHCP Drops The number of packets dropped due to DHCP snooping binding database match failure.

  • Page 160: Show Arp Access-List

    ProSafe Managed Switch command displays the values for that interface whether the interface is enabled for DAI or not. Format show ip arp inspection interfaces [unit/slot/port] Mode • Privileged EXEC • User EXEC Term Definition Interface The interface ID for each displayed row. Trust State Whether the interface is trusted or untrusted for DAI.

  • Page 161: Igmp Snooping Configuration Commands

    ProSafe Managed Switch IGMP Snooping Configuration Commands This section describes the commands you use to configure IGMP snooping. The software supports IGMP Versions 1, 2, and 3. The IGMP snooping feature can help conserve bandwidth because it allows the switch to forward IP multicast traffic only to connected hosts that request multicast traffic.

  • Page 162: Set Igmp Interfacemode

    ProSafe Managed Switch set igmp interfacemode This command enables IGMP Snooping on all interfaces. If an interface has IGMP Snooping enabled and you enable this interface for routing or enlist it as a member of a port-channel (LAG), IGMP Snooping functionality is disabled on that interface. IGMP Snooping functionality is re-enabled if you disable routing or remove port-channel (LAG) membership from an interface that has IGMP Snooping enabled.

  • Page 163: Set Igmp Maxresponse

    ProSafe Managed Switch Format no set igmp fast-leave <vlan_id> Mode VLAN Config set igmp groupmembership-interval This command sets the IGMP Group Membership Interval time on a VLAN, one interface or all interfaces. The Group Membership Interval time is the amount of time in seconds that a switch waits for a report from a particular group on a particular interface before deleting the interface from the entry.

  • Page 164: Set Igmp Mcrtrexpiretime

    ProSafe Managed Switch Format set igmp maxresponse <vlan_id> <1-25> Mode VLAN Config no set igmp maxresponse This command sets the max response time (on the interface or VLAN) to the default value. Format no set igmp maxresponse Mode • Global Config •...

  • Page 165: Set Igmp Mrouter

    ProSafe Managed Switch set igmp mrouter This command configures the VLAN ID (<vlanId>) that has the multicast router mode enabled. Format set igmp mrouter <vlan_id> Mode Interface Config no set igmp mrouter This command disables multicast router mode for a particular VLAN ID (<vlan_id>). Format no set igmp mrouter <vlan_id>...

  • Page 166: Show Igmpsnooping

    ProSafe Managed Switch no set igmp router-alert-check This command disables the Router-Alert validation for IGMP snooping packets.. Format no set igmp router-alert-check Mode Global Config set igmp unknow-multicast filter This command enables the filtering of unknown multicast packets to the VLAN. Packets with an unknown multicast address in the destination field will be dropped.
  • Page 167 ProSafe Managed Switch Term Definition Interface The list of interfaces on which IGMP Snooping is enabled. Enabled for IGMP Snooping VLANS Enabled The list of VLANS on which IGMP Snooping is enabled. for IGMP Snooping When you specify the <unit/slot/port> values, the following information appears: Term Definition IGMP Snooping...

  • Page 168: Show Igmpsnooping Mrouter Interface

    ProSafe Managed Switch show igmpsnooping mrouter interface This command displays information about statically configured ports. Format show igmpsnooping mrouter interface <unit/slot/port> Mode Privileged EXEC Term Definition Interface The port on which multicast router information is being displayed. Multicast Indicates whether multicast router is statically enabled on the interface. Router Attached VLAN ID...

  • Page 169: Igmp Snooping Querier Commands

    ProSafe Managed Switch IGMP Snooping Querier Commands IGMP Snooping requires that one central switch or router periodically query all end-devices on the network to announce their multicast memberships. This central device is the “IGMP Querier”. The IGMP query responses, known as IGMP reports, keep the switch updated with the current multicast group membership on a port-by-port basis.

  • Page 170: Set Igmp Querier Timer Expiry

    ProSafe Managed Switch set igmp querier query-interval Use this command to set the IGMP Querier Query Interval time. It is the amount of time in seconds that the switch waits before sending another general query. Default disabled Format set igmp querier query-interval <1-18000> Mode Global Config no set igmp querier query-interval...

  • Page 171: Set Igmp Querier Election Participate

    ProSafe Managed Switch no set igmp querier version Use this command to set the IGMP Querier version to its default value. Format no set igmp querier version Mode Global Config set igmp querier election participate Use this command to enable the Snooping Querier to participate in the Querier Election process when it discovers the presence of another Querier in the VLAN.

  • Page 172: Mld Snooping Commands

    ProSafe Managed Switch Field Description Query Interval The amount of time in seconds that a Snooping Querier waits before sending out the periodic general query. Querier Timeout The amount of time to wait in the Non-Querier operational state before moving to a Querier state.

  • Page 173: Set Mld Interfacemode

    ProSafe Managed Switch set mld Use this command to enable MLD Snooping on the system (Global Config Mode) or an Interface (Interface Config Mode). This command also enables MLD Snooping on a particular VLAN and enables MLD Snooping on all interfaces participating in a VLAN. If an interface has MLD Snooping enabled and you enable this interface for routing or enlist it as a member of a port-channel (LAG), MLD Snooping functionality is disabled on that interface.

  • Page 174: Set Mld Fast-Leave

    ProSafe Managed Switch no set mld interfacemode Use this command to disable MLD Snooping on all interfaces. Format no set mld interfacemode Mode Global Config set mld fast-leave Use this command to enable MLD Snooping fast-leave admin mode on a selected interface or VLAN.

  • Page 175: Set Mld Maxresponse

    ProSafe Managed Switch interface from the entry. This value must be greater than the MLDv2 Maximum Response time value. The range is 2 to 3600 seconds. Default 260 seconds Format set mld groupmembership-interval vlanid 2-3600 Mode • Interface Config • Global Config •...

  • Page 176: Set Mld Mrouter

    ProSafe Managed Switch waits for a query to be received on an interface before the interface is removed from the list of interfaces with multicast routers attached. The range is 0 to 3600 seconds. A value of 0 indicates an infinite timeout, that is, no expiration. Default Format set mld mcrtexpiretime vlanid 0-3600...

  • Page 177: Show Mldsnooping

    ProSafe Managed Switch no set mld mrouter interface Use this command to disable the status of the interface as a statically configured multicast router-attached interface. Format no set mld mrouter interface Mode Interface Config show mldsnooping Use this command to display MLD Snooping information. Configured information is displayed whether or not MLD Snooping is enabled.

  • Page 178: Show Mldsnooping Mrouter Interface

    ProSafe Managed Switch When you specify a value for , the following information appears. vlanid Term Definition VLAN Admin Indicates whether MLD Snooping is active on the VLAN. Mode show mldsnooping mrouter interface Use this command to display information about statically configured multicast router attached interfaces.

  • Page 179: Mld Snooping Querier Commands

    ProSafe Managed Switch Term Definition VLAN ID The VLAN in which the MAC address is learned. MAC Address A multicast MAC address for which the switch has forwarding or filtering information. The format is 6 two-digit hexadecimal numbers that are separated by colons, for example 01:23:45:67:89:AB.

  • Page 180: Set Mld Querier Query_Interval

    ProSafe Managed Switch no set mld querier Use this command to disable MLD Snooping Querier on the system. Use the optional parameter address to reset the querier address. no set mld querier [vlan-id][address] Format Mode • Global Config • VLAN Mode set mld querier query_interval Use this command to set the MLD Querier Query Interval time.

  • Page 181: Set Mld Querier Election Participate

    ProSafe Managed Switch set mld querier election participate Use this command to enable the Snooping Querier to participate in the Querier Election process when it discovers the presence of another Querier in the VLAN. When this mode is enabled, if the Snooping Querier finds that the other Querier’s source address is better (less) than the Snooping Querier’s address, it stops sending periodic queries.

  • Page 182: Port Security Commands

    ProSafe Managed Switch When you specify a value for vlanid, the following information appears. Field Description VLAN Admin Indicates whether MLD Snooping Querier is active on the VLAN. Mode VLAN Operational Indicates whether MLD Snooping Querier is in “Querier” or “Non-Querier” state. When State the switch is in Querier state, it will send out periodic general queries.

  • Page 183: Port-Security Max-Dynamic

    ProSafe Managed Switch port-security This command enables port locking at the system level (Global Config) or port level (Interface Config) Default disabled Format port-security Mode • Global Config • Interface Config no port-security This command disables port locking for one (Interface Config) or all (Global Config) ports. Format no port-security Mode...

  • Page 184: Port-Security Mac-Address

    ProSafe Managed Switch no port-security max-static This command sets maximum number of statically locked MAC addresses to the default value. Format no port-security max-static Mode Interface Config port-security mac-address This command adds a MAC address to the list of statically locked MAC addresses. The <vid>...

  • Page 185: Show Port-Security Dynamic

    ProSafe Managed Switch For each interface, or for the interface you specify, the following information appears: Term Definition Admin Mode Port Locking mode for the Interface. Dynamic Limit Maximum dynamically allocated MAC Addresses. Static Limit Maximum statically allocated MAC Addresses. Violation Trap Whether violation traps are enabled.

  • Page 186: Lldp (802.1Ab) Commands

    ProSafe Managed Switch LLDP (802.1AB) Commands This section describes the command you use to configure Link Layer Discovery Protocol (LLDP), which is defined in the IEEE 802.1AB specification. LLDP allows stations on an 802 LAN to advertise major capabilities and physical descriptions. The advertisements allow a network management system (NMS) to access and display this information.

  • Page 187: Lldp Transmit-Tlv

    ProSafe Managed Switch range is 2-10. The <reinit-seconds> is the delay before re-initialization, and the range is 1-0 seconds. Default • interval—30 seconds • hold—4 • reinit—2 seconds Format lldp timers [interval <interval-seconds>] [hold <hold-value>] [reinit <reinit-seconds> Mode Global Config no lldp timers Use this command to return any or all timing parameters for local data transmission on ports enabled for LLDP to the default values.

  • Page 188: Lldp Notification

    ProSafe Managed Switch lldp transmit-mgmt Use this command to include transmission of the local system management address information in the LLDPDUs. Default enabled Format lldp transmit-mgmt Mode Interface Config no lldp transmit-mgmt Use this command to include transmission of the local system management address information in the LLDPDUs.

  • Page 189: Clear Lldp Statistics

    ProSafe Managed Switch no lldp notification-interval Use this command to return the notification interval to the default value. Format no lldp notification-interval Mode Global Config clear lldp statistics Use this command to reset all LLDP statistics, including MED-related information. Format clear lldp statistics Mode Privileged Exec...

  • Page 190: Show Lldp Statistics

    ProSafe Managed Switch Term Definition Interface The interface in a unit/slot/port format. Link Shows whether the link is up or down. Transmit Shows whether the interface transmits LLDPDUs. Receive Shows whether the interface receives LLDPDUs. Notify Shows whether the interface sends remote data change notifications. TLVs Shows whether the interface sends optional TLVs in the LLDPDUs.

  • Page 191: Show Lldp Remote-Device

    ProSafe Managed Switch Term Definition Ageouts Total number of times a complete remote data entry was deleted for the port because the Time to Live interval expired. TLV Discards The number of TLVs discarded. TLV Unknowns Total number of LLDP TLVs received on the port where the type value is in the reserved range, and not recognized.

  • Page 192: Show Lldp Remote-Device Detail

    ProSafe Managed Switch 00:FC:E3:90:01:0F 00:FC:E3:90:01:14 00:FC:E3:90:01:0F 00:FC:E3:90:03:11 00:FC:E3:90:01:0F 00:FC:E3:90:04:11 0/10 0/11 0/12 --More-- or (q)uit show lldp remote-device detail Use this command to display detailed information about remote devices that transmit current LLDP data to an interface on the system. Format show lldp remote-device detail <unit/slot/port>...

  • Page 193: Show Lldp Local-Device

    ProSafe Managed Switch (Switch) #show lldp remote-device detail 0/7 LLDP Remote Device Detail Local Interface: 0/7 Remote Identifier: 2 Chassis ID Subtype: MAC Address Chassis ID: 00:FC:E3:90:01:0F Port ID Subtype: MAC Address Port ID: 00:FC:E3:90:01:11 System Name: System Description: Port Description: System Capabilities Supported: System Capabilities Enabled: Time to Live: 24 seconds...

  • Page 194: Lldp-Med Commands

    ProSafe Managed Switch Term Definition Port ID The port number that transmitted the LLDPDU. System Name The system name of the local device. System Describes the local system by identifying the system name and versions of hardware, Description operating system, and networking software supported in the device. Port Describes the port in an alpha-numeric format.

  • Page 195: Lldp Med Confignotification

    ProSafe Managed Switch lldp med confignotification Use this command to configure all the ports to send the topology change notification. Default enabled Format lldp med confignotification Mode Interface Config no ldp med confignotification Use this command to disable notifications. Format no lldp med confignotification Mode Interface Config...

  • Page 196: Lldp Med All

    ProSafe Managed Switch lldp med all Use this command to configure LLDP-MED on all the ports Format lldp med all Mode Global Config no lldp med all Use this command to remove LLDP-MD on all ports. Format no lldp med all Mode Global Config lldp med confignotification all...

  • Page 197: Show Lldp Med

    ProSafe Managed Switch lldp med transmit-tlv all Use this command to specify which optional Type Length Values (TLVs) in the LLDP MED set will be transmitted in the Link Layer Discovery Protocol Data Units (LLDPDUs). Default By default, the capabilities and network policy TLVs are included. Format lldp med transmit-tlv all [capabilities] [ex-pd] [ex-pse] [inventory] [location] [network-policy]...

  • Page 198: Show Lldp Med Interface

    ProSafe Managed Switch Example: The following shows example CLI display output for the command. (switch) #show lldp med LLDP MED Global Configuration Fast Start Repeat Count: Device Class: Network Connectivity (switch) # show lldp med interface Use this command to display a summary of the current LLDP MED configuration for a specific interface.

  • Page 199: Show Lldp Med Local-Device Detail

    ProSafe Managed Switch 1/0/13 Down Disabled Disabled Disabled 1/0/14 Down Disabled Disabled Disabled TLV Codes: 0- Capabilities, 1- Network Policy 2- Location, 3- Extended PSE 4- Extended Pd, 5- Inventory --More-- or (q)uit (Switch) #show lldp med interface 1/0/2 Interface Link configMED operMED ConfigNotify TLVsTx...
  • Page 200 ProSafe Managed Switch (Switch) #show lldp med local-device detail 1/0/8 LLDP MED Local Device Detail Interface: 1/0/8 Network Policies Media Policy Application Type : voice Vlan ID: 10 Priority: 5 DSCP: 1 Unknown: False Tagged: True Media Policy Application Type : streamingvideo Vlan ID: 20 Priority: 1 DSCP: 2...

  • Page 201: Show Lldp Med Remote-Device

    ProSafe Managed Switch show lldp med remote-device This command displays summary information about remote devices that transmit current LLDP MED data to the system. You can show information about LLDP remote data received on all ports or on a specific port. Format show lldp med remote-device {<unit/slot/port>...
  • Page 202 ProSafe Managed Switch Term Definition Device Class Shows the device class as advertized by the device remotely connected to the port. Network Policy Shows if network policy TLV is received in the LLDP frames on this port. Information Media Shows the application type. Types of applications are unknown, voice, voicesignaling, Application guestvoice, guestvoicesignaling, sfotphonevoice, videoconferencing, streamingvideo, Type...

  • Page 203: Denial Of Service Commands

    ProSafe Managed Switch LLDP MED Remote Device Detail Local Interface: 1/0/8 Remote Identifier: 18 Capabilities MED Capabilities Supported: capabilities, networkpolicy, location, extendedpse MED Capabilities Enabled: capabilities, networkpolicy Device Class: Endpoint Class I Network Policies Media Policy Application Type : voice Vlan ID: 10 Priority: 5 DSCP: 1...

  • Page 204: Dos-Control All

    ProSafe Managed Switch This section describes the commands you use to configure Denial of Service (DoS) Control. The software provides support for classifying and blocking specific types of Denial of Service attacks. You can configure your system to monitor and block these types of attacks: •...

  • Page 205: Dos-Control Sipdip

    ProSafe Managed Switch dos-control sipdip This command enables Source IP address = Destination IP address (SIP=DIP) Denial of Service protection. If the mode is enabled, Denial of Service prevention is active for this type of attack. If packets ingress with SIP=DIP, the packets will be dropped if the mode is enabled. Default disabled Format...

  • Page 206: Dos-Control Tcpfrag

    ProSafe Managed Switch dos-control tcpfrag This command enables TCP Fragment Denial of Service protection. If the mode is enabled, Denial of Service prevention is active for this type of attack. If packets ingress having IP Fragment Offset equal to one (1), the packets will be dropped if the mode is enabled. Default disabled Format...

  • Page 207: Dos-Control Icmp

    ProSafe Managed Switch Note: Some applications mirror source and destination L4 ports - RIP for example uses 520 for both. If you enable dos-control l4port, applications such as RIP may experience packet loss which would render the application inoperable. Default disabled Format dos-control l4port...

  • Page 208: Dos-Control Tcpport

    ProSafe Managed Switch this type of attack. If packets ingress with SMAC=DMAC, the packets will be dropped if the mode is enabled. Default disabled Format dos-control smacdmac Mode Global Config no dos-control smacdmac This command disables Source MAC address = Destination MAC address (SMAC=DMAC) Denial of Service protection.

  • Page 209: Dos-Control Tcpflagseq

    ProSafe Managed Switch no dos-control udpport This command disables UDP L4 source = destination port number (Source UDP Port = Destination UDP Port) Denial of Service protection. Format no dos-control udppport Mode Global Config dos-control tcpflagseq This command enables TCP Flag and Sequence Denial of Service protections. If the mode is enabled, Denial of Service prevention is active for this type of attack.

  • Page 210: Dos-Control Tcpsyn

    ProSafe Managed Switch dos-control tcpsyn This command enables TCP SYN and L4 source = 0-1023 Denial of Service protection. If the mode is enabled, Denial of Service prevention is active for this type of attack. If packets ingress having TCP flag SYN set and an L4 source port from 0 to 1023, the packets will be dropped if the mode is enabled.
  • Page 211 ProSafe Managed Switch Format dos-control tcpfinurgpsh Mode Global Config no dos-control tcpfinurgpsh This command sets disables TCP FIN and URG and PSH and SEQ=0 checking Denial of Service protections. Format no dos-control tcpfinurgpsh Mode Global Config dos-control icmpv4 This command enables Maximum ICMPv4 Packet Size Denial of Service protections. If the mode is enabled, Denial of Service prevention is active for this type of attack.

  • Page 212: Dos-Control Icmpfrag

    ProSafe Managed Switch no dos-control icmpv6 This command disables Maximum ICMP Packet Size Denial of Service protections. Format no dos-control icmpv6 Mode Global Config dos-control icmpfrag This command enables ICMP Fragment Denial of Service protection. If the mode is enabled, Denial of Service prevention is active for this type of attack.

  • Page 213: Mac Database Commands

    ProSafe Managed Switch Term Definition Max ICMPv4 Pkt The range is 0-1023. The factory default is 512. Size Max ICMPv6 Pkt The range is 0-16384. The factory default is 512. Size ICMP Fragment May be enabled or disabled. The factory default is disabled. Mode L4 Port Mode May be enabled or disabled.

  • Page 214: Show Forwardingdb Agetime

    ProSafe Managed Switch no bridge aging-time This command sets the forwarding database address aging timeout to the default value. Format no bridge aging-time Mode Global Config show forwardingdb agetime This command displays the timeout for address aging. Default 300s Format show forwardingdb agetime Mode Privileged EXEC...

  • Page 215: Isdp Commands

    ProSafe Managed Switch show mac-address-table stats This command displays the Multicast Forwarding Database (MFDB) statistics. Format show mac-address-table stats Mode Privileged EXEC Term Definition Max MFDB The total number of entries that can possibly be in the Multicast Forwarding Database Table Entries table.

  • Page 216: Isdp Timer

    ProSafe Managed Switch Format isdp holdtime <10-255> Mode Global Config isdp timer This command sets the period of time between sending new ISDP packets. The range is given in seconds. Default 30 seconds Format isdp timer <5-254> Mode Global Config isdp advertise-v2 This command enables the sending of ISDP version 2 packets from the device.

  • Page 217: Clear Isdp Counters

    ProSafe Managed Switch clear isdp counters This command clears ISDP counters. Format clear isdp counters Mode Privileged EXEC clear isdp table This command clears entries in the ISDP table. Format clear isdp table Mode Privileged EXEC show isdp This command displays global ISDP settings. Format show isdp Mode...

  • Page 218: Show Isdp Interface

    ProSafe Managed Switch show isdp interface This command displays ISDP settings for the specified interface. Format show isdp interface {all | <unit/slot/port>} Mode Privileged EXEC Term Definition Mode ISDP mode enabled/disabled status for the interface(s). show isdp entry This command displays ISDP entries. If the device id is specified, then only entries for that device are shown.

  • Page 219: Show Isdp Traffic

    ProSafe Managed Switch Term Definition Device ID The device ID associated with the neighbor which advertised the information. IP Addresses The IP addresses associated with the neighbor. Capability ISDP functional capabilities advertised by the neighbor. Platform The hardware platform advertised by the neighbor. Interface The interface (unit/slot/port) on which the neighbor's advertisement was received.

  • Page 220: Priority-Based Flow Control Commands

    ProSafe Managed Switch Term Definition ISDPv1 Packets Total number of ISDPv1 packets transmitted Transmitted ISDPv2 Packets Received Total number of ISDPv2 packets received ISDPv2 Packets Total number of ISDPv2 packets transmitted Transmitted ISDP Bad Header Number of packets received with a bad header ISDP Checksum Error Number of packets received with a checksum error ISDP Transmission Failure...

  • Page 221: Datacenter-Bridging Priority-Flow-Control Mode On

    Priorities are differentiated by the priority field of the IEEE 802.1Q VLAN header, which identifies an IEEE 802.1p priority value. In NETGEAR Managed Switch, these priority values must be mapped to internal class-of-service (CoS) values. To enable priority-based flow control for a particular CoS value on an interface: •...

  • Page 222: Show Datacenter-Bridging Priority-Flow-Control

    ProSafe Managed Switch Additionally, the mapping of class-of-service levels to 802.1p priority values to must be set to one-to-one. Format datacenter-bridging priority-flow-control priority priority-list {drop | no-drop} Mode Interface Config Default drop show datacenter-bridging priority-flow-control This command displays a summary of the priority flow control configuration for a specified interface or all interfaces.

  • Page 223: Chapter 4 Multicast Vlan Registration (Mvr)

    Multicast VLAN Registration (MVR) This chapter contains the following sections: • About MVR • MVR Commands About MVR Internet Group Management Protocol (IGMP) Layer 3 is widely used for IPv4 network multicasting. In Layer 2 networks, IGMP uses resources inefficiently. For example, a Layer 2 switch multicasts traffic to all ports, even if there are receivers connected to only a few ports.

  • Page 224: Mvr Group

    ProSafe Managed Switch no mvr This command disables MVR. Format no mvr Mode Global Config Interface Config mvr group This command adds an MVR membership group. <A.B.C.D> is the IP multicast group being added. The count is the number of incremental multicast groups being added (the first multicast group is A.B.C.D).

  • Page 225: Mvr Querytime

    ProSafe Managed Switch no mvr mode This command sets the mode type to the default value. Format no mvr mode Mode Global Config mvr querytime This command sets the MVR query response time. Format mvr querytime<1-100> Mode Global Config Default no mvr querytime This command sets the MVR query response time to the default value.

  • Page 226: Mvr Type

    ProSafe Managed Switch received from other interested hosts that are also connected to that port, for example, using hub. • In immediate leave mode, when a leave is received, the switch is immediately reconfigured not to forward a specific multicast stream to the port where a message is received.

  • Page 227: Show Mvr

    ProSafe Managed Switch no mvr vlan Use this command to exclude the port from the specific MVR group. Format no mvr vlan <mVLAN> group <A.B.C.D> Mode Interface Config show mvr This command displays global MVR settings. Format show mvr Mode Privileged EXEC The following table explains the output parameters.

  • Page 228: Show Mvr Interface

    ProSafe Managed Switch The following table describes the output parameters. Term Definition MVR Group IP MVR group multicast IP address. Status The status of the specific MVR group. It can be active or inactive. Members The list of ports that participates in the specified MVR group. Example: (switch)#show mvr members MVR Group IP...

  • Page 229: Show Mvr Traffic

    ProSafe Managed Switch (switch)#show mvr interface 1/0/9 Type: RECEIVER Status: ACTIVE Immediate Leave: DISABLED (switch)#show mvr interface Fa1/0/23 members 235.0.0.1 STATIC ACTIVE (switch)#show mvr interface Fa1/0/23 members vlan 12 235.0.0.1 STATIC ACTIVE 235.1.1.1 STATIC ACTIVE show mvr traffic This command displays global MVR statistics. Format show mvr traffic Mode...
  • Page 230 ProSafe Managed Switch IGMP Report V1 Transmitted…......... 0 IGMP Report V2 Transmitted…......... 3 IGMP Leave Transmitted…........1 IGMP Packet Receive Failures…....... 0 IGMP Packet Transmit Failures…......0 Multicast VLAN Registration (MVR)

  • Page 231: Chapter 5 Routing Commands

    Routing Commands This chapter describes the routing commands available in the 7000 series CLI. Note: Commands described in this chapter that require a license are: Router Discovery Protocol Commands Virtual Router Redundancy Protocol Commands Open Shortest Path First (OSPF) Commands OSPF Graceful Restart Commands Routing Information Protocol (RIP) Commands This chapter contains the following sections:...

  • Page 232: Address Resolution Protocol (Arp) Commands

    ProSafe Managed Switch Address Resolution Protocol (ARP) Commands This section describes the commands you use to configure ARP and to view ARP information on the switch. ARP associates IP addresses with MAC addresses and stores the information as ARP entries in the ARP cache. This command creates an ARP entry.

  • Page 233: Arp Cachesize

    ProSafe Managed Switch arp cachesize This command configures the ARP cache size. The ARP cache size value is a platform specific integer value. The default size also varies depending on the platform. Format arp cachesize <platform specific integer value> Mode Global Config no arp cachesize This command configures the default ARP cache size.

  • Page 234: Arp Retries

    ProSafe Managed Switch The value for <seconds> is a valid positive integer, which represents the IP ARP entry response timeout time in seconds. The range for <seconds> is between 1-10 seconds. Default Format arp resptime <1-10> Mode Global Config no arp resptime This command configures the default ARP request response timeout.

  • Page 235: Show Arp

    ProSafe Managed Switch no arp timeout This command configures the default ARP entry ageout time. Format no arp timeout Mode Global Config clear arp-cache This command causes all ARP entries of type dynamic to be removed from the ARP cache. If the gateway keyword is specified, the dynamic entries of type gateway are purged as well.

  • Page 236: Show Arp Brief

    ProSafe Managed Switch Term Definition Total Entry Count The total entries in the ARP table and the peak entry count in the ARP table. Current / Peak Static Entry Count The static entry count in the ARP table, the active entry count in the ARP table, the Configured/Active active entry count in the ARP table, and maximum static entry count in the ARP table.

  • Page 237: Ip Routing Commands

    ProSafe Managed Switch show arp switch This command displays the contents of the switch’s Address Resolution Protocol (ARP) table. Format show arp switch Mode Privileged EXEC Term Definition IP Address The IP address of a device on a subnet attached to the switch. MAC Address The hardware MAC address of that device.

  • Page 238: Ip Address Dhcp

    ProSafe Managed Switch no ip routing This command disables the IP Router Admin Mode for the master switch. Format no ip routing Mode Global Config ip address This command configures an IP address on an interface. You can also use this command to configure one or more secondary IP addresses on the interface.The value for <ipaddr>...

  • Page 239: Release Dhcp

    ProSafe Managed Switch no ip address dhcp Use this command to release a leased address and disable DHCPv4 on an interface. Format no ip address dhcp Mode Interface Config ip default-gateway Use this command to manually configure a default gateway for the switch. Only one default gateway can be configured.

  • Page 240: Show Dhcp Lease

    ProSafe Managed Switch show dhcp lease Use this command to display a list of IPv4 addresses currently leased from a DHCP server on a specific in-band interface or all in-band interfaces. This command does not apply to service or network ports. Format show dhcp lease [interface <unit/slot/port>] Mode...

  • Page 241: Ip Route Default

    ProSafe Managed Switch • Confirm that the associated link is also up. Default preference—1 Format ip route <ipaddr> <subnetmask> [<nexthopip> | Null0] [<preference>] Mode Global Config no ip route This command deletes a single next hop to a destination static route. If you use the <nexthopip>...

  • Page 242: Ip Netdirbcast

    ProSafe Managed Switch they were assigned the original default distance. The new default distance will only be applied to static routes created after invoking the ip route distance command. Default Format ip route distance <1-255> Mode Global Config no ip route distance This command sets the default static route preference value in the router.
  • Page 243 ProSafe Managed Switch OSPF advertises the IP MTU in the Database Description packets it sends to its neighbors during database exchange. If two OSPF neighbors advertise different IP MTUs, they will not form an adjacency. (unless OSPF has been instructed to ignore differences in IP MTU with the ip ospf mtu-ignore command.) Note: The IP MTU size refers to the maximum size of the IP packet (IP...

  • Page 244: Clear Ip Route All

    ProSafe Managed Switch clear ip route all This command removes all the route entries learned over the network. Format clear ip route all Mode Privileged EXEC Protocol Tells which protocol added the specified route. The possibilities are: local, static, OSPF, or RIP.

  • Page 245: Show Ip Interface

    ProSafe Managed Switch ICMP Rate Limit Interval....... 1000 msec ICMP Rate Limit Burst Size..... 100 messages ICMP Echo Replies......Enabled ICMP Redirects......... Enabled show ip interface This command displays all pertinent information about the IP interface. Format show ip interface {<unit/slot/port> | vlan <1-4093> | loopback <0-7>} Modes •...

  • Page 246: Show Ip Interface Brief

    ProSafe Managed Switch Term Definition Destination Displays whether ICMP Destination Unreachables may be sent (enabled or disabled). Unreachables ICMP Redirects Displays whether ICMP Redirects may be sent (enabled or disabled). The following shows example CLI display output for the command. (switch)#show ip interface 1/0/2 Routing Interface Status.......

  • Page 247: Show Ip Route

    ProSafe Managed Switch Term Definition Netdir Bcast Indicates if IP forwards net-directed broadcasts on this interface. Possible values are Enable or Disable. MultiCast Fwd The multicast forwarding administrative mode on the interface. Possible values are Enable or Disable. show ip route This command displays the routing table.

  • Page 248: Show Ip Route Summary

    ProSafe Managed Switch Term Definition Metric The cost associated with this route. via Next-Hop The outgoing router IP address to use when forwarding traffic to the next router (if any) in the path toward the destination. Route-Timestamp The last updated time for dynamic routes. The format of Route-Timestamp will be •...

  • Page 249: Show Ip Route Preferences

    ProSafe Managed Switch Term Definition Connected The total number of connected routes in the routing table. Routes Static Routes Total number of static routes in the routing table. RIP Routes Total number of routes installed by RIP protocol. OSPF Routes Total number of routes installed by OSPF protocol.

  • Page 250: Router Discovery Protocol Commands

    ProSafe Managed Switch show ip stats This command displays IP statistical information. Refer to RFC 1213 for more information about the fields that are displayed. Format show ip stats Modes • Privileged EXEC • User EXEC Router Discovery Protocol Commands This section describes the commands you use to view and configure Router Discovery Protocol settings on the switch.

  • Page 251: Ip Irdp Holdtime

    ProSafe Managed Switch no ip irdp multicast This command configures the address used to advertise the router to the Broadcast address (255.255.255.155).. Format no ip irdp multicast Mode Interface Config ip irdp holdtime This command configures the value, in seconds, of the holdtime field of the router advertisement sent from this interface.

  • Page 252: Ip Irdp Minadvertinterval

    ProSafe Managed Switch ip irdp minadvertinterval This command configures the minimum time, in seconds, allowed between sending router advertisements from the interface. The range for minadvertinterval is three to the value of maxadvertinterval. Default 0.75 * maxadvertinterval Format ip irdp minadvertinterval <3-maxadvertinterval> Mode Interface Config no ip irdp minadvertinterval...

  • Page 253: Virtual Lan Routing Commands

    ProSafe Managed Switch Term Definition Interface The <unit/slot/port> that matches the rest of the information in the row. Ad Mode The advertise mode, which indicates whether router discovery is enabled or disabled on this interface. Advertise The IP address to which the interface sends the advertisement. Address Max Int The maximum advertise interval, which is the maximum time, in seconds, allowed...

  • Page 254: Virtual Router Redundancy Protocol Commands

    ProSafe Managed Switch show ip vlan This command displays the VLAN routing information for all VLANs with routing enabled. Format show ip vlan Modes • Privileged EXEC • User EXEC Term Definition MAC Address The MAC Address associated with the internal bridge-router interface (IBRI). The same used by MAC Address is used by all VLAN routing interfaces.

  • Page 255: Ip Vrrp Mode

    ProSafe Managed Switch ip vrrp (Interface Config) Use this command in Interface Config mode to create a virtual router associated with the interface. The parameter <vrid> is the virtual router ID, which has an integer value range from 1 to 255. Format ip vrrp <vrid>...

  • Page 256: Ip Vrrp Authentication

    ProSafe Managed Switch Format ip vrrp <vrid> ip <ipaddr> [secondary] Mode Interface Config no ip vrrp ip Use this command in Interface Config mode to delete a secondary IP address value from the interface. To delete the primary IP address, you must delete the virtual router on the interface. Format no ip vrrp <vrid>...

  • Page 257: Ip Vrrp Priority

    ProSafe Managed Switch no ip vrrp preempt This command sets the default preemption mode value for the virtual router configured on a specified interface. Format no ip vrrp <vrid> preempt Mode Interface Config ip vrrp priority This command sets the priority of a router within a VRRP group. Higher values equal higher priority.

  • Page 258: Ip Vrrp Track Interface

    ProSafe Managed Switch no ip vrrp timers advertise This command sets the default virtual router advertisement value for an interface. Format no ip vrrp <vrid> timers advertise Mode Interface Config ip vrrp track interface Use this command to alter the priority of the VRRP router based on the availability of its interfaces.

  • Page 259: Ip Vrrp Accept-Mode

    ProSafe Managed Switch for each downed route. By default no routes are tracked. If you specify just the route to be tracked, without giving the optional priority, then the default priority will be set. The default priority decrement is 10. The default priority decrement is changed using the <priority> argument.

  • Page 260: Show Ip Vrrp Interface Stats

    ProSafe Managed Switch no ip vrrp vrid accept-mode This command is used to allow a router to respond to ICMP Echo Requests sent to an address on a VRRP virtual router. Format no ip vrrp <vrid> accept-mode Mode Interface Config show ip vrrp interface stats This command displays the statistical information about each virtual router configured on the switch.

  • Page 261: Show Ip Vrrp

    ProSafe Managed Switch Term Definition Authentication The total number of VRRP advertisements received for which 'auth type' not equal to Type Mismatch locally configured one for this virtual router. Packet Length The total number of VRRP packets received with packet length less than length of VRRP Errors header.

  • Page 262: Show Ip Vrrp Interface Brief

    ProSafe Managed Switch Term Definition Configured The priority configured through the ip vrrp <vrid> priority <1-254> command. Priority Advertisement The advertisement interval in seconds for the specific virtual router. interval Pre-Empt Mode The preemption mode configured on the specified virtual router. Administrative The status (Enable or Disable) of the specific router.

  • Page 263: Dhcp And Bootp Relay Commands

    ProSafe Managed Switch Term Definition Mode Indicates whether the virtual router is enabled or disabled. State The state (Master/backup) of the virtual router. DHCP and BOOTP Relay Commands This section describes the commands you use to configure BootP/DHCP Relay on the switch.

  • Page 264: Bootpdhcprelay Minwaittime

    ProSafe Managed Switch bootpdhcprelay minwaittime This command configures the minimum wait time in seconds for BootP/DHCP Relay on the system. When the BOOTP relay agent receives a BOOTREQUEST message, it MAY use the seconds-since-client-began-booting field of the request as a factor in deciding whether to relay the request or not.

  • Page 265: Ip Helper Commands

    ProSafe Managed Switch IP Helper Commands This section describes the commands to configure a DHCP relay agent with multiple DHCP server addresses per routing interface, and to use different server addresses for client packets arriving on different interfaces on the relay agent. clear ip helper statistics Use this command to reset the statistics displayed in the show ip helper statistics...

  • Page 266: Ip Helper Enable

    ProSafe Managed Switch ip helper enable Use this command to enable relay of UDP packets. This command can be used to temporarily disable IP helper without deleting all IP helper addresses. This command replaces the command, but affects not only relay of DHCP bootpdhcprelay enable packets, but also relay of any other protocols for which an IP helper address has been configured.

  • Page 267: Show Ip Helper Statistics

    ProSafe Managed Switch ip helper-address discard Use this command to drop matching packets. Format ip helper-address discard {<1-65535>|dhcp|domain|isakmp|mobile-ip|nameserver| netbios-dgm|netbios-ns|ntp|pim-auto-rip|rip|tacacs|tftp|time} Mode Interface Config no ip helper-address discard Use this command to permit the matching packets. Format no ip helper-address discard {<1-65535>|dhcp|domain|isakmp|mobile-ip|nameserver| netbios-dgm|netbios-ns|ntp|pim-auto-rip|rip|tacacs|tftp|time} Mode Interface Config...

  • Page 268: Open Shortest Path First (Ospf) Commands

    ProSafe Managed Switch Term Definition DHCP server The number of DHCP responses received from the DHCP server. This count messages received includes only messages that the DHCP server unicasts to the relay agent for relay to the client. DHCP server The number of DHCP server messages relayed to a client.

  • Page 269: Ip Ospf Area

    ProSafe Managed Switch enable (OSPF) This command resets the default administrative mode of OSPF in the router (active). Default enabled Format enable Mode Router OSPF Config no enable (OSPF) This command sets the administrative mode of OSPF in the router to inactive. Format no enable Mode...

  • Page 270: Area Default-Cost (Ospf)

    ProSafe Managed Switch no ip ospf area Use this command to disable OSPF on an interface. Format no ip ospf area [secondaries none] Mode Interface Config 1583compatibility This command enables OSPF 1583 compatibility. Note: 1583 compatibility mode is enabled by default. If all OSPF routers in the routing domain are capable of operating according to RFC 2328, OSPF 1583 compatibility mode should be disabled.

  • Page 271: Area Nssa Default-Info-Originate (Ospf)

    ProSafe Managed Switch no area nssa This command disables nssa from the specified area id. Format no area <areaid> nssa Mode Router OSPF Config area nssa default-info-originate (OSPF) This command configures the metric value and type for the default route advertised into the NSSA.

  • Page 272: Area Nssa No-Summary (Ospf)

    ProSafe Managed Switch area nssa no-summary (OSPF) This command configures the NSSA so that summary LSAs are not advertised into the NSSA. Format area <areaid> nssa no-summary Mode Router OSPF Config no area nssa no-summary (OSPF) This command disables nssa from the summary LSAs. Format no area <areaid>...

  • Page 273: Area Range (Ospf)

    ProSafe Managed Switch no area nssa translator-stab-intv (OSPF) This command disables the nssa translator’s <stabilityinterval> from the specified area id. Format no area <areaid> nssa translator-stab-intv <stabilityinterval> Mode Router OSPF Config area range (OSPF) This command creates a specified area range for a specified NSSA. The <ipaddr> is a valid IP address.

  • Page 274: Area Stub No-Summary (Ospf)

    ProSafe Managed Switch area stub no-summary (OSPF) This command configures the Summary LSA mode for the stub area identified by <areaid>. Use this command to prevent LSA Summaries from being sent. Default disabled Format area <areaid> stub no-summary Mode Router OSPF Config no area stub no-summary This command configures the default Summary LSA mode for the stub area identified by <areaid>.

  • Page 275: Area Virtual-Link Dead-Interval (Ospf)

    ProSafe Managed Switch specified. The default value for authentication type is none. Neither the default password key nor the default key id are configured. Default none Format area <areaid> virtual-link <neighbor> authentication {none | {simple <key>} | {encrypt <key> <keyid>}} Mode Router OSPF Config no area virtual-link authentication...

  • Page 276: Area Virtual-Link Retransmit-Interval (Ospf)

    ProSafe Managed Switch no area virtual-link hello-interval This command configures the default hello interval for the OSPF virtual interface on the virtual interface identified by <areaid> and <neighbor>. The <neighbor> parameter is the Router ID of the neighbor. Format no area <areaid> virtual-link <neighbor> hello-interval Mode Router OSPF Config area virtual-link retransmit-interval (OSPF)

  • Page 277: Auto-Cost (Ospf)

    ProSafe Managed Switch auto-cost (OSPF) By default, OSPF computes the link cost of each interface from the interface bandwidth. Faster links have lower metrics, making them more attractive in route selection. The configuration parameters in the auto-cost reference bandwidth and bandwidth commands give you control over the default link cost.

  • Page 278: Capability Opaque

    ProSafe Managed Switch no bandwidth Use this command to set the interface bandwidth to its default value. Format no bandwidth Mode Interface Config capability opaque Use this command to enable Opaque Capability on the Router. The information contained in Opaque LSAs may be used directly by OSPF or indirectly by an application wishing to distribute information throughout the OSPF domain.

  • Page 279: Clear Ip Ospf Redistribution

    ProSafe Managed Switch clear ip ospf neighbor Use this command to drop the adjacency with all OSPF neighbors. On each neighbor’s interface, send a one-way hello. Adjacencies may then be re-established. To drop all adjacencies with a specific router ID, specify the neighbor’s Router ID using the optional parameter [neighbor-id].

  • Page 280: Default-Metric (Ospf)

    ProSafe Managed Switch no default-information originate (OSPF) This command is used to control the advertisement of default routes. Format no default-information originate [metric] [metric-type] Mode Router OSPF Config default-metric (OSPF) This command is used to set a default for the metric of distributed routes. Format default-metric <1-16777214>...

  • Page 281: Distribute-List Out (Ospf)

    ProSafe Managed Switch distribute-list out (OSPF) Use this command to specify the access list to filter routes received from the source protocol. Format distribute-list <1-199> out {rip | static | connected} Mode Router OSPF Config no distribute-list out Use this command to specify the access list to filter routes received from the source protocol. Format no distribute-list <1-199>...

  • Page 282: Ip Ospf Authentication

    ProSafe Managed Switch no external-lsdb-limit This command configures the default external LSDB limit for OSPF. Format no external-lsdb-limit Mode Router OSPF Config ip ospf authentication This command sets the OSPF Authentication Type and Key for the specified interface. The value of <type> is either none, simple or encrypt. The <key> is composed of standard displayable, non-control keystrokes from a Standard 101/102-key keyboard.

  • Page 283: Ip Ospf Network

    ProSafe Managed Switch ip ospf dead-interval This command sets the OSPF dead interval for the specified interface. The value for <seconds> is a valid positive integer, which represents the length of time in seconds that a router's Hello packets have not been seen before its neighbor routers declare that the router is down.

  • Page 284: Ip Ospf Priority

    ProSafe Managed Switch point-to-point networks, OSPF does not elect a designated router or generate a network link state advertisement (LSA). Both endpoints of the link must be configured to operate in point-to-point mode. Default broadcast Format ip ospf network {broadcast|point-to-point} Mode Interface Config no ip ospf network...

  • Page 285: Ip Ospf Transmit-Delay

    ProSafe Managed Switch no ip ospf retransmit-interval This command sets the default OSPF retransmit Interval for the specified interface. Format no ip ospf retransmit-interval Mode Interface Config ip ospf transmit-delay This command sets the OSPF Transit Delay for the specified interface. The transmit delay is specified in seconds.

  • Page 286: Router-Id (Ospf)

    ProSafe Managed Switch router-id (OSPF) This command sets a 4-digit dotted-decimal number uniquely identifying the router ospf id. The <ipaddress> is a configured value. Format router-id <ipaddress> Mode Router OSPF Config redistribute (OSPF) This command configures OSPF protocol to allow redistribution of routes from the specified source protocol/routers.

  • Page 287: Timers Spf

    ProSafe Managed Switch passive-interface default (OSPF) Use this command to enable global passive mode by default for all interfaces. It overrides any interface level passive mode. OSPF will not form adjacencies over a passive interface. Default disabled Format passive-interface default Mode Router OSPF Config no passive-interface default...

  • Page 288: Trapflags (Ospf)

    ProSafe Managed Switch trapflags (OSPF) Use this command to enable individual OSPF traps, enable a group of trap flags at a time, or enable all the trap flags at a time. The different groups of trapflags, and each group’s specific trapflags to enable or disable, are listed in Table Table 1.
  • Page 289 ProSafe Managed Switch Default disabled Format trapflags { all | errors {all | authentication-failure | bad-packet | config-error | virt- authentication-failure | virt-bad-packet | virt-config-error} | if-rx {all | if-rx-packet} | lsa {all | lsa-maxage | lsa-originate} | overflow {all | lsdb-overflow | lsdb-approaching-overflow} | retransmit {all | packets | virt-packets} | rtb {all, rtb-entry-info} | state-change {all | if-state-change | neighbor-state-change |...

  • Page 290: Show Ip Ospf

    ProSafe Managed Switch show ip ospf This command displays information relevant to the OSPF router. Format show ip ospf Mode Privileged EXEC Note: Some of the information below displays only if you enable OSPF and configure certain features. Term Definition Router ID A 32-bit integer in dotted decimal format identifying the router, about which information is displayed.
  • Page 291 ProSafe Managed Switch Term Definition Stub Router When OSPF runs out of resources to store the entire link state database, or any other state information, OSPF goes into stub router mode. As a stub router, OSPF re-originates its own router LSAs, setting the cost of all non-stub interfaces to infinity. To restore OSPF to normal operation, disable and re-enable OSPF.
  • Page 292 ProSafe Managed Switch Term Definition Always Shows whether default routes are always advertised. Metric The metric of the routes being redistributed. If the metric is not configured, this field is blank. Metric Type Shows whether the routes are External Type 1 or External Type 2. Number of The number of active OSPF areas.

  • Page 293: Show Ip Ospf Abr

    ProSafe Managed Switch External LSA Count......0 External LSA Checksum......0 AS_OPAQUE LSA Count......0 AS_OPAQUE LSA Checksum......0 LSAs Originated.......0 LSAs Received.........0 LSA Count........0 Maximum Number of LSAs......18200 LSA High Water Mark......0 Retransmit List Entries......9078 Maximum Number of Retransmit Entries... 72800 Retransmit Entries High Water Mark..... 72849 show ip ospf abr This command displays the internal OSPF routing table entries to Area Border Routers (ABR).

  • Page 294: Show Ip Ospf Asbr

    ProSafe Managed Switch Term Definition Spf Runs The number of times that the intra-area route table has been calculated using this area's link-state database. Area Border The total number of area border routers reachable within this area. Router Count Area LSA Count Total number of link-state advertisements in this area's link-state database, excluding AS External LSA's.

  • Page 295: Show Ip Ospf Database

    ProSafe Managed Switch Term Definition Type The type of the route to the destination. It can be one of the following values: intra — Intra-area route inter — Inter-area route Router ID Router ID of the destination. Cost Cost of using this route. Area ID The area ID of the area from which this route is learned.

  • Page 296: Show Ip Ospf Database Database-Summary

    ProSafe Managed Switch The information below is only displayed if OSPF is enabled. Format show ip ospf [<areaid>] database [{database-summary | [{asbr-summary | external | network | nssa-external | opaque-area | opaque-as | opaque-link | router | summary}] [{adv-router [<ipaddr>] | self-originate}]}] Mode •...

  • Page 297: Show Ip Ospf Interface

    ProSafe Managed Switch Term Definition Subtotal Number of entries for the identified area. Opaque AS Number of opaque AS LSAs in the database. Total Number of entries for all areas. show ip ospf interface This command displays the information for the IFO object or virtual interface tables. Format show ip ospf interface {<unit/slot/port>...

  • Page 298: Show Ip Ospf Interface Brief

    ProSafe Managed Switch The information below will only be displayed if OSPF is enabled. Term Definition OSPF Interface Broadcast LANs, such as Ethernet and IEEE 802.5, take the value broadcast. The Type OSPF Interface Type will be 'broadcast'. State The OSPF Interface States are: down, loopback, waiting, point-to-point, designated router, and backup designated router.

  • Page 299: Show Ip Ospf Interface Stats

    ProSafe Managed Switch show ip ospf interface stats This command displays the statistics for a specific interface. The information below will only be displayed if OSPF is enabled. Format show ip ospf interface stats <unit/slot/port> Modes • Privileged EXEC • User EXEC Term Definition OSPF Area ID...

  • Page 300: Show Ip Ospf Neighbor

    ProSafe Managed Switch Term Definition Invalid The number of OSPF packets discarded because the packet’s destination IP address is Destination not the address of the ingress interface and is not the AllDrRouters or AllSpfRouters Address multicast addresses. Wrong The number of packets discarded because the authentication type specified in the OSPF Authentication header does not match the authentication type configured on the ingress interface.
  • Page 301 ProSafe Managed Switch displays. The information below only displays if OSPF is enabled and the interface has a neighbor. Format show ip ospf neighbor [interface <unit/slot/port>] [<ip-address>] Modes • Privileged EXEC • User EXEC If you do not specify an IP address, a table with the following columns displays for all neighbors or the neighbor associated with the interface that you specify: Term Definition...

  • Page 302: Show Ip Ospf Range

    ProSafe Managed Switch Term Definition Area ID The area ID of the OSPF area associated with the interface. Options An integer value that indicates the optional OSPF capabilities supported by the neighbor. The neighbor's optional OSPF capabilities are also listed in its Hello packets. This enables received Hello Packets to be rejected (i.e., neighbor relationships will not even start to form) if there is a mismatch in certain crucial OSPF capabilities.

  • Page 303: Show Ip Ospf Statistics

    ProSafe Managed Switch Term Definition Area ID The area id of the requested OSPF area. IP Address An IP address which represents this area range. Subnet Mask A valid subnet mask for this area range. Lsdb Type The type of link advertisement associated with this area range. Advertisement The status of the advertisement.

  • Page 304: Show Ip Ospf Virtual-Link

    ProSafe Managed Switch Term Definition Area ID A 32-bit identifier for the created stub area. Type of Service The type of service associated with the stub metric. Switch CLI only supports Normal TOS. Metric Val The metric value is applied based on the TOS. It defaults to the least metric of the type of service among the interfaces to other areas.

  • Page 305: Ospf Graceful Restart Commands

    ProSafe Managed Switch show ip ospf virtual-link brief This command displays the OSPF Virtual Interface information for all areas in the system. Format show ip ospf virtual-link brief Modes • Privileged EXEC • User EXEC Term Definition Area ID The area id of the requested OSPF area. Neighbor The neighbor interface of the OSPF virtual interface.

  • Page 306: Nsf

    ProSafe Managed Switch Use this command to enable the OSPF graceful restart functionality on an interface. To disable graceful restart, use the no form of the command. Default Disabled Format nsf [ietf] [planned-only] Modes OSPF Router Configuration Parameter Description ietf This keyword is accepted but not required.

  • Page 307: Nsf Helper

    ProSafe Managed Switch no nsfrestart-interval Use this command to revert the grace period to its default value. Format no [ietf] nsf restart-interval Modes OSPF Router Configuration nsf helper Use this command to enable helpful neighbor functionality for the OSPF protocol. You can enable this functionality for planned or unplanned restarts, or both.

  • Page 308: Nsf [Ietf] Helper Strict-Lsa-Checking

    ProSafe Managed Switch Parameter Description ietf This keyword is accepted but not required. nsf [ietf] helper strict-lsa-checking The restarting router is unable to react to topology changes. In particular, the restarting router will not immediately update its forwarding table; therefore, a topology change may introduce forwarding loops or black holes that persist until the graceful restart completes.

  • Page 309: Enable (Rip)

    ProSafe Managed Switch enable (RIP) This command resets the default administrative mode of RIP in the router (active). Default enabled Format enable Mode Router RIP Config no enable (RIP) This command sets the administrative mode of RIP in the router to inactive. Format no enable Mode...

  • Page 310: Distance Rip

    ProSafe Managed Switch default-information originate (RIP) This command is used to control the advertisement of default routes. Format default-information originate Mode Router RIP Config no default-information originate (RIP) This command is used to control the advertisement of default routes. Format no default-information originate Mode Router RIP Config...

  • Page 311: Ip Rip Authentication

    ProSafe Managed Switch distribute-list out (RIP) This command is used to specify the access list to filter routes received from the source protocol. Default Format distribute-list <1-199> out {ospf | static | connected} Mode Router RIP Config no distribute-list out This command is used to specify the access list to filter routes received from the source protocol.

  • Page 312: Ip Rip Send Version

    ProSafe Managed Switch The value for <mode> is one of: rip1 to receive only RIP version 1 formatted packets, rip2 for RIP version 2, both to receive packets from either format, or none to not allow any RIP control packets to be received. Default both Format...

  • Page 313: Redistribute (Rip)

    ProSafe Managed Switch no hostroutesaccept This command disables the RIP hostroutesaccept mode. Format no hostroutesaccept Mode Router RIP Config split-horizon This command sets the RIP split horizon mode. Split horizon is a technique for avoiding problems caused by including routes in updates sent to the router from which the route was originally learned.

  • Page 314: Show Ip Rip

    ProSafe Managed Switch no redistribute This command de-configures RIP protocol to redistribute routes from the specified source protocol/routers. Format no redistribute {ospf | static | connected} [metric] [match [internal] [external 1] [external 2] [nssa-external 1] [nssa-external-2]] Mode Router RIP Config show ip rip This command displays information relevant to the RIP router.

  • Page 315: Show Ip Rip Interface

    ProSafe Managed Switch Term Definition Interface Valid slot and port number separated by forward slashes. IP Address The IP source address used by the specified RIP interface. Send Version The RIP version(s) used when sending updates on the specified interface. The types are none, RIP-1, RIP-1c, RIP-2 Receive Version The RIP version(s) allowed when receiving updates from the specified interface.

  • Page 316: Icmp Throttling Commands

    ProSafe Managed Switch Term Definition Bad Routes The number of routes contained in valid RIP packets that were ignored for any reason. Received Updates Sent The number of triggered RIP updates actually sent on this interface. ICMP Throttling Commands This section describes the commands you use to configure options for the transmission of various types of ICMP messages.

  • Page 317: Ip Icmp Echo-Reply

    ProSafe Managed Switch ip icmp echo-reply Use this command to enable the generation of ICMP Echo Reply messages by the router. By default, the generation of ICMP Echo Reply messages is enabled. Default enabled Format ip icmp echo-reply Mode Global Config no ip icmp echo-reply Use this command to prevent the generation of ICMP Echo Reply messages by the router.

  • Page 318: Chapter 6 Ip Multicast Commands

    IP Multicast Commands This chapter describes the IP Multicast commands available in the managed switch CLI. Note: Commands described in this chapter that require a license are: Multicast Commands DVMRP Commands PIM Commands Internet Group Message Protocol (IGMP) Commands IGMP Proxy Commands This chapter contains the following sections: •...

  • Page 319: Ip Mcast Boundary

    ProSafe Managed Switch ip mcast boundary This command adds an administrative scope multicast boundary specified by <groupipaddr> and <mask> for which this multicast administrative boundary is applicable. <groupipaddr> is a group IP address and <mask> is a group IP mask. Format ip mcast boundary <groupipaddr>...

  • Page 320: Ip Mroute

    ProSafe Managed Switch packets forwarded over the interface having TTL value below the configured value are dropped. The value for <ttlthreshold> ranges from 0 to 255. Default Format ip multicast ttl-threshold <ttlvalue> Mode Interface Config no ip multicast ttl-threshold This command applies the default <ttlthreshold> to a routing interface. The <ttlthreshold>...

  • Page 321: Show Ip Mcast

    ProSafe Managed Switch show ip mcast This command displays the system-wide multicast information. Format show ip mcast Modes • Privileged EXEC • User EXEC Term Definition Admin Mode The administrative status of multicast. Possible values are enabled or disabled. Protocol State The current state of the multicast protocol.

  • Page 322: Show Ip Mcast Mroute

    ProSafe Managed Switch Term Definition Interface Valid slot and port number separated by forward slashes. The time-to-live value for this interface. show ip mcast mroute This command displays a summary or all the details of the multicast table. Format show ip mcast mroute {detail | summary} Modes •...

  • Page 323: Show Ip Mcast Mroute Group

    ProSafe Managed Switch show ip mcast mroute group This command displays the multicast configuration settings such as flags, timer settings, incoming and outgoing interfaces, RPF neighboring routers, and expiration times of all the entries in the multicast mroute table containing the given <groupipaddr>. Format show ip mcast mroute group <groupipaddr>...

  • Page 324: Dvmrp Commands

    ProSafe Managed Switch If you use the summary parameter, the command displays the following column headings in the output table: Term Definition Source IP The IP address of the multicast data source. Group IP The IP address of the destination of the multicast packet. Protocol The multicast routing protocol by which this entry was created.

  • Page 325: Ip Dvmrp Trapflags

    ProSafe Managed Switch no ip dvmrp metric This command resets the metric for an interface to the default value. This value is used in the DVMRP messages as the cost to reach this network. Format no ip dvmrp metric Mode Interface Config ip dvmrp trapflags This command enables the DVMRP trap mode.

  • Page 326: Show Ip Dvmrp Interface

    ProSafe Managed Switch Term Definition Admin Mode Indicates whether DVMRP is enabled or disabled. Version The version of DVMRP being used. Total Number of The number of routes in the DVMRP routing table. Routes Reachable The number of entries in the routing table with non-infinite metrics. Routes The following fields are displayed for each interface.

  • Page 327: Show Ip Dvmrp Neighbor

    ProSafe Managed Switch Term Definition Received Bad The number of invalid routes received. Routes Sent Routes The number of routes that have been sent on this interface. show ip dvmrp neighbor This command displays the neighbor information for DVMRP. Format show ip dvmrp neighbor Modes •...

  • Page 328: Show Ip Dvmrp Prune

    ProSafe Managed Switch Term Definition Source IP The sources for which this entry specifies a next hop on an outgoing interface. Source Mask The IP Mask for the sources for which this entry specifies a next hop on an outgoing interface.

  • Page 329: Pim Commands

    ProSafe Managed Switch Term Definition Expiry Time The expiry time in seconds, which is the time left for this route to age out. (secs) Up Time (secs) The time when a specified route was learnt, in seconds. PIM Commands This section describes the commands you use to configure Protocol Independent Multicast (PIM).

  • Page 330: Show Ip Pim Interface

    ProSafe Managed Switch ip pim hello-interval This command configures the transmission frequency of PIM Hello messages between PIM enabled neighbors. This field has a range of 0 to 18000 seconds. Default Format ip pim hello-interval <0-18000> Mode Interface Config no ip pim hello-interval This command resets the transmission frequency of hello messages between PIM enabled neighbors to its default value.

  • Page 331: Show Ip Pim Neighbor

    ProSafe Managed Switch Hello Interval (secs) 30 Join Prune Interval (secs) 60 DR Priority 1 BSR Border Disabled Neighbor Count 1 Designated Router 192.168.10.1 Example 2: (Switch) #show ip pim interface Interface 1/0/1 Mode Dense Hello Interval (secs) 30 Join Prune Interval (secs) 60 DR Priority NA BSR Border Disabled Neighbor Count 1...

  • Page 332: Ip Pim Sparse(Global Config)

    ProSafe Managed Switch ip pim sparse(Global Config) This command is used to administratively enable PIM Sparse Mode (PIM-SM) multicast routing mode on the router. Default disabled Format ip pim sparse Mode Global Config no ip pim sparse(Global Config) This command is used to administratively disable PIM-SM multicast routing mode on the router.

  • Page 333: Ip Pim Dr-Priority

    ProSafe Managed Switch Parameters Description hash-mask Length of a mask (32 bits maximum) that is to be ANDed with the group address before length the hash function is called. All groups with the same seed hash correspond to the same RP.

  • Page 334: Ip Pim Register-Rate-Limit

    ProSafe Managed Switch no ip pim join-prune-interval Use this command to set the join/prune interval to the default value. Format no ip pim join-prune-interval Mode Interface Config ip pim register-rate-limit This command configures the Register Threshold rate for the Rendezvous Point router to switch to a source-specific shortest path.

  • Page 335: Ip Pim Rp-Candidate

    ProSafe Managed Switch ip pim rp-candidate This command is used to configure the router to advertise itself as a PIM candidate rendezvous point (RP) to the bootstrap router (BSR). Default None Format ip pim rp-candidate interface interface <interface-num> <group-address> <group-mask>} Mode Global Config no ip pim rp-candidate...

  • Page 336: Ip Pim Ssm

    ProSafe Managed Switch ip pim ssm Use this command to define the Source Specific Multicast (SSM) range of IP multicast addresses. Default disabled Format ip pim ssm {default | <group-address> <group-mask>} Mode Global Config Parameter Description default-range Defines the SSM range access list to 232/8. no ip pim ssm This command is used to disable the Source Specific Multicast (SSM) range.

  • Page 337: Show Ip Pim Ssm

    ProSafe Managed Switch Term Definition PIM Mode Configured mode of PIM protocol (enabled or disabled). Data Threshold Rate (in kbps) of SPT Threshold. Rate) Register Rate (in kbps) of Register Threshold. Rate-limit Interface Interface number. Interface-Mode Enable status of the interface. Operational-Sta Operational Status of the Interface.

  • Page 338: Show Ip Pim Bsr-Router

    ProSafe Managed Switch show ip pim bsr-router This command displays the bootstrap router (BSR) information. The output includes elected BSR information and information about the locally configured candidate rendezvous point (RP) advertisement. Format show ip pim bsr-router [candidate | elected] Mode •...

  • Page 339: Show Ip Pim Rp Mapping

    ProSafe Managed Switch show ip pim rp mapping This command displays the mappings for the PIM group to the active rendezvous points.. Format show ip pim rp mapping [<rp address> | candidate | static] Modes Privileged EXEC Term Definition RP Address The IP address of the RP for the group specified.

  • Page 340: Internet Group Message Protocol (Igmp) Commands

    ProSafe Managed Switch RP Address 192.168.20.1 Group Address 229.2.0.0 Group Mask 255.255.0.0 Origin Static Expiry Time (hh:mm:ss) NA Internet Group Message Protocol (IGMP) Commands This section describes the commands you use to view and configure IGMP settings. ip igmp This command sets the administrative mode of IGMP in the system to active. Default disabled Format...

  • Page 341: Ip Igmp Last-Member-Query-Count

    ProSafe Managed Switch ip igmp last-member-query-count This command sets the number of Group-Specific Queries sent before the router assumes that there are no local members on the interface. The range for <count> is 1 to 20. Format ip igmp last-member-query-count <count> Modes Interface Config no ip igmp last-member-query-count...

  • Page 342: Ip Igmp Robustness

    ProSafe Managed Switch no ip igmp query-interval This command resets the query interval for the specified interface to the default value. This is the frequency at which IGMP Host-Query packets are transmitted on this interface. Format no ip igmp query-interval Modes Interface Config ip igmp query-max-response-time...

  • Page 343: Show Ip Igmp

    ProSafe Managed Switch ip igmp startup-query-count This command sets the number of Queries sent out on startup, separated by the Startup Query Interval on the interface. The range for <count> is 1 to 20. Default Format ip igmp startup-query-count <count> Mode Interface Config no ip igmp startup-query-count...

  • Page 344: Show Ip Igmp Groups

    ProSafe Managed Switch Term Definition IGMP Admin The administrative status of IGMP. This is a configured value. Mode Interface Valid slot and port number separated by forward slashes. Interface-Mode Indicates whether IGMP is enabled or disabled on the interface. This is a configured value.

  • Page 345: Show Ip Igmp Interface

    ProSafe Managed Switch Term Definition Version1 Host The time remaining until the local router assumes that there are no longer any IGMP Timer version 1 multicast members on the IP subnet attached to this interface. This could be an integer value or “-----” if there is no Version 1 host present. Version2 Host The time remaining until the local router assumes that there are no longer any IGMP Timer...

  • Page 346: Show Ip Igmp Interface Membership

    ProSafe Managed Switch show ip igmp interface membership This command displays the list of interfaces that have registered in the multicast group. Format show ip igmp interface membership <multiipaddr> [detail] Mode Privileged EXEC Term Definition Interface Valid unit, slot and port number separated by forward slashes. Interface IP The IP address of the interface participating in the multicast group.

  • Page 347: Igmp Proxy Commands

    ProSafe Managed Switch Term Definition Querier Status The status of the IGMP router, whether it is running in Querier mode or Non-Querier mode. Querier IP The IP address of the IGMP Querier on the IP subnet to which this interface is attached. Address Querier Up Time The time since the interface Querier was last changed.

  • Page 348: Ip Igmp-Proxy Unsolicit-Rprt-Interval

    ProSafe Managed Switch ip igmp-proxy unsolicit-rprt-interval This command sets the unsolicited report interval for the IGMP Proxy router. This command is valid only when you enable IGMP Proxy on the interface. The value of <interval> can be 1-260 seconds. Default Format ip igmp-proxy unsolicit-rprt-interval <interval>...

  • Page 349: Show Ip Igmp-Proxy Interface

    ProSafe Managed Switch Term Definition Number of The number of multicast groups that are associated with the IGMP Proxy interface. Multicast Groups Unsolicited The time interval at which the IGMP Proxy interface sends unsolicited group membership Report Interval report. Querier IP The IP address of the Querier, if any, in the network attached to the upstream interface Address on (IGMP-Proxy interface).

  • Page 350: Show Ip Igmp-Proxy Groups

    ProSafe Managed Switch Term Definition The IGMP version. Query Rcvd Number of IGMP queries received. Report Rcvd Number of IGMP reports received. Report Sent Number of IGMP reports sent. Leaves Rcvd Number of IGMP leaves received. Valid for version 2 only. Leaves Sent Number of IGMP leaves sent on the Proxy interface.

  • Page 351: Show Ip Igmp-Proxy Groups Detail

    ProSafe Managed Switch Term Definition Filter Mode Possible values are Include or Exclude. Sources The number of sources attached to the multicast group. Example: The following shows example CLI display output for the command. (Switch) #show ip igmp-proxy groups Interface Index........ 1/0/1 Group Address Last Reporter Up Time...
  • Page 352 ProSafe Managed Switch Term Definition Group Source The list of IP addresses of the sources attached to the multicast group. List Expiry Time Time left before a source is deleted. Example: The following shows example CLI display output for the command. (Switch) #show ip igmp-proxy groups Interface Index........

  • Page 353: Chapter 7 Ipv6 Commands

    IPv6 Commands This chapter describes the IPv6 commands available in the managed switch CLI. Note: Commands described in this chapter that require a license are: Tunnel Interface Commands IPv6 Routing Commands OSPFv3 Commands OSPFv3 Graceful Restart Commands DHCPv6 Commands This chapter contains the following sections: •...

  • Page 354: Tunnel Interface Commands

    ProSafe Managed Switch Tunnel Interface Commands The commands in this section describe how to create, delete, and manage tunnel interfaces. Several different types of tunnels provide functionality to facilitate the transition of IPv4 networks to IPv6 networks. These tunnels are divided into two classes: configured and automatic.

  • Page 355: Ipv6 Routing Commands

    ProSafe Managed Switch tunnel mode ipv6ip This command specifies the mode of the tunnel. With the optional 6to4 argument, the tunnel mode is set to 6to4 automatic. Without the optional 6to4 argument, the tunnel mode is configured. Format tunnel mode ipv6ip [6to4] Mode Interface Config show interface tunnel...

  • Page 356: Ipv6 Enable

    ProSafe Managed Switch ipv6 hop-limit This command defines the unicast hop count used in ipv6 packets originated by the node. The value is also included in router advertisements. Valid values for <hops> are 1-255 inclusive. The default “not configured” means that a value of zero is sent in router advertisements and a value of 64 is sent in packets originated by the node.

  • Page 357: Ipv6 Address

    ProSafe Managed Switch no ipv6 enable Use this command to disable IPv6 routing on an interface. Format no ipv6 enable Mode Interface Config ipv6 address Use this command to configure an IPv6 address on an interface, including tunnel and loopback interfaces, and to enable IPv6 processing on this interface. You can assign multiple globally reachable addresses to an interface by using this command.

  • Page 358: Ipv6 Address Autoconfig

    ProSafe Managed Switch ipv6 address autoconfig This command is used to enable stateless address autoconfiguration capability. Note: When unicast-routing is enabled, autoconfig mode doesn’t work. Format ipv6 address autoconfig Mode Interface Config ipv6 address autoconfig This command disables the stateless autoconfiguration. Format no ipv6 address autoconfig Mode...

  • Page 359: Ipv6 Route Distance

    ProSafe Managed Switch using a link-local address as the next hop. A route with a preference of 255 cannot be used to forward traffic. Default disabled Format ipv6 route <ipv6-prefix>/<prefix_length> {<next-hop-address> | Null0 | interface {<unit/slot/port> | tunnel <tunnel_id>} <next-hop-address>} [<preference>] Mode Global Config no ipv6 route...

  • Page 360: Ipv6 Mtu

    ProSafe Managed Switch ipv6 mtu This command sets the maximum transmission unit (MTU) size, in bytes, of IPv6 packets on an interface. This command replaces the default or link MTU with a new MTU value. Note: The default MTU value for a tunnel interface is 1480. You cannot change this value.

  • Page 361: Ipv6 Nd Managed-Config-Flag

    ProSafe Managed Switch ipv6 nd managed-config-flag This command sets the “managed address configuration” flag in router advertisements. When the value is true, end nodes use DHCPv6. When the value is false, end nodes automatically configure addresses. Default false Format ipv6 nd managed-config-flag Mode Interface Config no ipv6 nd managed-config-flag...

  • Page 362: Ipv6 Nd Ra-Interval

    ProSafe Managed Switch no ipv6 nd other-config-flag This command resets the “other stateful configuration” flag back to its default value in router advertisements sent from the interface. Format no ipv6 nd other-config-flag Mode Interface Config ipv6 nd ra-interval This command sets the transmission interval between router advertisements. Default Format ipv6 nd ra-interval-max <4- 1800>...

  • Page 363: Ipv6 Nd Reachable-Time

    ProSafe Managed Switch ipv6 nd reachable-time This command sets the router advertisement time to consider a neighbor reachable after neighbor discovery confirmation. Reachable time is specified in milliseconds. A value of zero means the time is unspecified by the router. Default Format ipv6 nd reachable-time <0–3600000>...

  • Page 364: Ipv6 Unreachables

    ProSafe Managed Switch ipv6 nd router-preference This command will set the router preference to default. Format no ipv6 router-preference Mode Interface Config ipv6 unreachables Use this command to enable the generation of ICMPv6 Destination Unreachable messages. By default, the generation of ICMPv6 Destination Unreachable messages is enabled. Default enable Format...

  • Page 365: Show Ipv6 Brief

    ProSafe Managed Switch no ipv6 icmp error-interval Use the no form of the command to return burst-interval and burst-size to their default values. Format no ipv6 icmp error-interval Mode Global Config show ipv6 brief Use this command to display the IPv6 status of forwarding mode and IPv6 unicast routing mode.

  • Page 366: Show Ipv6 Interface

    ProSafe Managed Switch show ipv6 interface Use this command to show the usability status of IPv6 interfaces and whether ICMPv6 Destination Unreachable messages may be sent. Format show ipv6 interface {brief | <unit/slot/port> |tunnel <0-7> | loopback <0-7>} Mode Privileged EXEC If you use the brief parameter, the following information displays for all configured IPv6 interfaces: Term...
  • Page 367 ProSafe Managed Switch Term Definition Router The frequency, in seconds, that router advertisements are sent. Advertisement Interval Router Shows whether the managed configuration flag is set (enabled) for router advertisements Advertisement on this interface. Managed Config Flag Router Shows whether the other configuration flag is set (enabled) for router advertisements on Advertisement this interface.

  • Page 368: Clear Ipv6 Neighbors

    ProSafe Managed Switch show ipv6 neighbor Use this command to display information about the IPv6 neighbors. Format show ipv6 neighbor Mode Privileged EXEC Term Definition Interface The interface in unit/slot/port format. IPv6 Address IPV6 address of neighbor or interface. MAC Address Link-layer Address.
  • Page 369 ProSafe Managed Switch Format show ipv6 route [{<ipv6-address> [<protocol>] | {{<ipv6-prefix/ipv6-prefix-length> | <unit/slot/port>} [<protocol>] | <protocol> | summary} [all] | all}] Modes • Privileged EXEC • User EXEC Term Definition Route Codes The key for the routing protocol codes that might appear in the routing table output. The show ipv6 route command displays the routing tables in the following format: C - connected, S - static Codes:...

  • Page 370: Show Ipv6 Route Preferences

    ProSafe Managed Switch Codes: C - connected, S - static O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF Ext 1, OE2 - OSPF Ext 2 ON1 - OSPF NSSA Ext Type 1, ON2 - OSPF NSSA Ext Type 2 2001::/64 [10/0] directly connected, Null0 2003::/64 [0/0]...

  • Page 371: Show Ipv6 Vlan

    ProSafe Managed Switch Term Definition Connected Total number of connected routes in the routing table. Routes Static Routes Total number of static routes in the routing table. OSPF Routes Total number of routes installed by OSPFv3 protocol. Reject Routes Total number of reject routes installed by all protocols. Number of Summarizes the number of routes with prefixes of different lengths.

  • Page 372: Show Ipv6 Traffic

    ProSafe Managed Switch The rest of the output for this command is displayed in a table with the following column headings: Column Definition Headings VLAN ID The VLAN ID of a configured VLAN. Logical The interface in unit/slot/port format that is associated with the VLAN ID. Interface IPv6 The IPv6 prefix and prefix length associated with the VLAN ID.
  • Page 373 ProSafe Managed Switch Term Definition Received Datagrams Number of input datagrams discarded because the IPv6 address in their IPv6 Discarded Due To Invalid header's destination field was not a valid address to be received at this entity. Address This count includes invalid addresses (for example, ) and unsupported addresses (for example, addresses with unallocated prefixes).
  • Page 374 ProSafe Managed Switch Term Definition Multicast Datagrams Number of multicast packets received by the interface. Received Multicast Datagrams Number of multicast packets transmitted by the interface. Transmitted Total ICMPv6 messages Total number of ICMP messages received by the interface which includes all received those counted by ipv6IfIcmpInErrors.

  • Page 375: Clear Ipv6 Statistics

    ProSafe Managed Switch Term Definition ICMPv6 Destination Number of ICMP Destination Unreachable messages sent by the interface. Unreachable Messages Transmitted ICMPv6 Messages Number of ICMP destination unreachable/communication administratively Prohibited prohibited messages sent. Administratively Transmitted ICMPv6 Time Exceeded Number of ICMP Time Exceeded messages sent by the interface. Messages Transmitted ICMPv6 Parameter Number of ICMP Parameter Problem messages sent by the interface.

  • Page 376: Ospfv3 Commands

    ProSafe Managed Switch traffic command. If you do not specify an interface, the counters for all IPv6 traffic statistics reset to zero. Format clear ipv6 statistics [{<unit/slot/port> | loopback <loopback-id> | tunnel <tunnel-id>}] Mode Privileged EXEC OSPFv3 Commands This section describes the commands you use to configure OSPFv3, which is a link-state routing protocol that you use to route traffic within a network.

  • Page 377: Ipv6 Ospf Cost

    ProSafe Managed Switch ipv6 ospf cost This command configures the cost on an OSPF interface. The <cost> parameter has a range of 1 to 65535. Default Format ipv6 ospf cost <1-65535> Mode Interface Config no ipv6 ospf cost This command configures the default cost on an OSPF interface. Format no ipv6 ospf cost Mode...

  • Page 378: Ipv6 Ospf Network

    ProSafe Managed Switch Format ipv6 ospf hello-interval <seconds> Mode Interface Config no ipv6 ospf hello-interval This command sets the default OSPF hello interval for the specified interface. Format no ipv6 ospf hello-interval Mode Interface Config ipv6 ospf mtu-ignore This command disables OSPF maximum transmission unit (MTU) mismatch detection. OSPF Database Description packets specify the size of the largest IP packet that can be sent without fragmentation on the interface.

  • Page 379: Ipv6 Ospf Priority

    ProSafe Managed Switch no ipv6 ospf network This command sets the interface type to the default value. Format no ipv6 ospf network {broadcast | point-to-point} Mode Interface Config ipv6 ospf priority This command sets the OSPF priority for the specified router interface. The priority of the interface is a priority integer from 0 to 255.

  • Page 380: Ipv6 Router Ospf

    ProSafe Managed Switch ipv6 ospf transmit-delay This command sets the OSPF Transit Delay for the specified interface. The transmit delay is specified in seconds. In addition, it sets the estimated number of seconds it takes to transmit a link state update packet over this interface. Valid values for <seconds> range from 1 to 3600 (1 hour).

  • Page 381: Area Nssa Default-Info-Originate (Ospfv)

    ProSafe Managed Switch no area nssa(OSPFv3) This command disables nssa from the specified area id. Format no area <areaid> nssa Mode Router OSPFv3 Config area nssa default-info-originate (OSPFv3) This command configures the metric value and type for the default route advertised into the NSSA.

  • Page 382: Area Nssa No-Summary (Ospfv)

    ProSafe Managed Switch area nssa no-summary (OSPFv3) This command configures the NSSA so that summary LSAs are not advertised into the NSSA. Format area <areaid> nssa no-summary Mode Router OSPFv3 Config no area nssa no-summary (OSPFv3) This command disables nssa from the summary LSAs. Format no area <areaid>...

  • Page 383: Area Range (Ospfv)

    ProSafe Managed Switch no area nssa translator-stab-intv (OSPFv3) This command disables the nssa translator’s <stabilityinterval> from the specified area id. Format no area <areaid> nssa translator-stab-intv <stabilityinterval> Mode Router OSPF Config area range (OSPFv3) This command creates a specified area range for a specified NSSA. The <ipaddr> is a valid IP address.

  • Page 384: Area Stub No-Summary (Ospfv)

    ProSafe Managed Switch area stub no-summary (OSPFv3) This command disables the import of Summary LSAs for the stub area identified by <areaid>. Default enabled Format area <areaid> stub no-summary Mode Router OSPFv3 Config no area stub no-summary(OSPFv3) This command sets the Summary LSA import mode to the default for the stub area identified by <areaid>.

  • Page 385: Area Virtual-Link Hello-Interval (Ospfv)

    ProSafe Managed Switch no area virtual-link dead-interval(OSPFv3) This command configures the default dead interval for the OSPF virtual interface on the virtual interface identified by <areaid> and <neighbor>. The <neighbor> parameter is the Router ID of the neighbor. Format no area <areaid> virtual-link <neighbor> dead-interval Mode Router OSPFv3 Config area virtual-link hello-interval (OSPFv3)

  • Page 386: Area Virtual-Link Transmit-Delay (Ospfv)

    ProSafe Managed Switch no area virtual-link retransmit-interval(OSPFv3) This command configures the default retransmit interval for the OSPF virtual interface on the virtual interface identified by <areaid> and <neighbor>. The <neighbor> parameter is the Router ID of the neighbor. Format no area <areaid> virtual-link <neighbor> retransmit-interval Mode Router OSPFv3 Config area virtual-link transmit-delay (OSPFv3)

  • Page 387: Clear Ipv6 Ospf

    ProSafe Managed Switch Format auto-cost reference-bandwidth <1 to 4294967> Mode Router OSPFv3 Config no auto-cost reference-bandwidth (OSPFv3) Use this command to set the reference bandwidth to the default value. Format no auto-cost reference-bandwidth Mode Router OSPFv3 Config clear ipv6 ospf Use this command to disable and re-enable OSPF.

  • Page 388: Clear Ipv6 Ospf Neighbor Interface

    ProSafe Managed Switch clear ipv6 ospf neighbor interface To drop adjacency with all neighbors on a specific interface, use the optional parameter [unit/slot/port]. To drop adjacency with a specific router ID on a specific interface, use the optional parameter [neighbor-id]. Format clear ipv6 ospf neighbor interface [unit/slot/port] [neighbor-id] Mode...

  • Page 389: Distance Ospf (Ospfv)

    ProSafe Managed Switch no default-metric (OSPFv3) This command is used to set a default for the metric of distributed routes. Format no default-metric Mode Router OSPFv3 Config distance ospf (OSPFv3) This command sets the route preference value of OSPF route types in the router. Lower route preference values are preferred when determining the best route.

  • Page 390: Exit-Overflow-Interval (Ospfv)

    ProSafe Managed Switch exit-overflow-interval (OSPFv3) This command configures the exit overflow interval for OSPF. It describes the number of seconds after entering Overflow state that a router will wait before attempting to leave the overflow state. This allows the router to again originate non-default AS-external-LSAs. When set to 0, the router will not leave overflow state until restarted.

  • Page 391: Maximum-Paths (Ospfv)

    ProSafe Managed Switch maximum-paths (OSPFv3) This command sets the number of paths that OSPF can report for a given destination where maxpaths is platform dependent. Default Format maximum-paths <maxpaths> Mode Router OSPFv3 Config no maximum-paths This command resets the number of paths that OSPF can report for a given destination back to its default value.

  • Page 392: Redistribute (Ospfv)

    ProSafe Managed Switch no passive-interface(OSPFv3) Use this command to set the interface or tunnel as non-passive. It overrides the global passive mode that is currently effective on the interface or tunnel. Format no passive-interface {<unit/slot/port> | tunnel <tunnel-id>} Mode Router OSPFv3 Config redistribute (OSPFv3) This command configures the OSPFv3 protocol to allow redistribution of routes from the specified source protocol/routers.

  • Page 393: Trapflags (Ospfv)

    ProSafe Managed Switch trapflags (OSPFv3) Use this command to enable individual OSPF traps, enable a group of trap flags at a time, or enable all the trap flags at a time. The different groups of trapflags, and each group’s specific trapflags to enable or disable, are listed in Table 2, Trapflag Groups (OSPFv3).

  • Page 394: Show Ipv6 Ospf

    ProSafe Managed Switch • To enable all the flags, give the command as trapflags all. Default disabled Format trapflags { all | errors {all | authentication-failure | bad-packet | config-error | virt- authentication-failure | virt-bad-packet | virt-config-error} | if-rx {all | if-rx-packet} | lsa {all | lsa-maxage | lsa-originate} | overflow {all | lsdb-overflow | lsdb-approaching-overflow} | retransmit {all | packets | virt-packets} |...
  • Page 395 ProSafe Managed Switch Note: Some of the information below displays only if you enable OSPF and configure certain features. Term Definition Router ID A 32 bit integer in dotted decimal format identifying the router, about which information is displayed. This is a configured value. OSPF Admin Shows whether the administrative mode of OSPF in the router is enabled or disabled.
  • Page 396 ProSafe Managed Switch Term Definition Maximum The maximum number of LSAs that can be waiting for acknowledgment at any given Number of time. Retransmit Entries Retransmit The highest number of LSAs that have been waiting for acknowledgment. Entries High Water Mark External LSDB The maximum number of non-default AS-external-LSAs entries that can be stored in the Limit...

  • Page 397: Show Ipv6 Ospf Abr

    ProSafe Managed Switch show ipv6 ospf abr This command displays the internal OSPFv3 routes to reach Area Border Routers (ABR). This command takes no options. Format show ipv6 ospf abr Modes • Privileged EXEC • User EXEC Term Definition Type The type of the route to the destination.

  • Page 398: Show Ipv6 Ospf Asbr

    ProSafe Managed Switch Term Definition Stub Mode Represents whether the specified Area is a stub area or not. The possible values are enabled and disabled. This is a configured value. Import Shows whether to import summary LSAs (enabled). Summary LSAs OSPF Stub The metric value of the stub area.

  • Page 399: Show Ipv6 Ospf Database

    ProSafe Managed Switch Term Definition Cost Cost of using this route. Area ID The area ID of the area from which this route is learned. Next Hop Next hop toward the destination. Next Hop Intf The outgoing router interface to use when forwarding traffic to the next hop. show ipv6 ospf database This command displays information about the link state database when OSPFv3 is enabled.

  • Page 400: Show Ipv6 Ospf Interface

    ProSafe Managed Switch show ipv6 ospf database database-summary Use this command to display the number of each type of LSA in the database and the total number of LSAs in the database. Format show ipv6 ospf database database-summary Modes • Privileged EXEC •...

  • Page 401: Show Ipv6 Ospf Interface Brief

    ProSafe Managed Switch Term Definition OSPF Area ID The area ID associated with this interface. Router Priority The router priority. The router priority determines which router is the designated router. Retransmit The frequency, in seconds, at which the interface sends LSA. Interval Hello Interval The frequency, in seconds, at which the interface sends Hello packets.

  • Page 402: Admin Mode

    ProSafe Managed Switch Term Definition Interface Valid slot and port number separated by forward slashes. Admin Mode States whether OSPF is enabled or disabled on a router interface. Area ID The OSPF Area ID for the specified interface. Router Priority The router priority.

  • Page 403: Show Ipv6 Ospf Neighbor

    ProSafe Managed Switch Term Definition LSA Acks The total number of LSA acknowledged from this interface. Received LSA Acks Sent The total number of LSAs acknowledged to this interface. Sent Packets The number of OSPF packets transmitted on the interface. Received The number of valid OSPF packets received on the interface.
  • Page 404 ProSafe Managed Switch If you do not specify an IP address, a table with the following columns displays for all neighbors or the neighbor associated with the interface that you specify: Term Definition Router ID The 4-digit dotted-decimal number of the neighbor router. Priority The OSPF priority for the specified interface.

  • Page 405: Show Ipv6 Ospf Range

    ProSafe Managed Switch Term Definition Events Number of times this neighbor relationship has changed state, or an error has occurred. Retransmission An integer representing the current length of the retransmission queue of the specified Queue Length neighbor router Id of the specified interface. show ipv6 ospf range This command displays information about the area ranges for the specified <areaid>.

  • Page 406: Show Ipv6 Ospf Virtual-Link

    ProSafe Managed Switch show ipv6 ospf virtual-link This command displays the OSPF Virtual Interface information for a specific area and neighbor. The <areaid> parameter identifies the area and the <neighbor> parameter identifies the neighbor’s Router ID. Format show ipv6 ospf virtual-link <areaid> <neighbor> Modes •...

  • Page 407: Ospfv3 Graceful Restart Commands

    ProSafe Managed Switch Term Definition Retransmit The configured retransmit interval for the OSPFV3 virtual interface. Interval Transit Delay The configured transit delay for the OSPFV3 virtual interface. OSPFv3 Graceful Restart Commands The managed switch implementation of OSPFv3 supports graceful restart as specified in RFC 5187 and RFC 3623.

  • Page 408: Nsf Ietf Helper Disable (Ospfv)

    ProSafe Managed Switch The grace LSA announcing the graceful restart includes the reason for the restart. Reasons 1 (software restart) and 2 (software reload/upgrade) are considered planned restarts. Reasons 0 (unknown) and 3 (switch to redundant control processor) are considered unplanned restarts.

  • Page 409: Dhcpv6 Commands

    ProSafe Managed Switch no nsf [ietf] helper strict-lsa-checking (OSPFv3) This command allows OSPF to continue as a helpful neighbor in spite of topology changes. nsf restart-interval (OSPFv3) This command configures the length of the grace period on the restarting router. The grace period must be set long enough to allow the restarting router to reestablish all of its adjacencies and complete a full database exchange with each of its neighbors.

  • Page 410: Ipv6 Dhcp Server

    ProSafe Managed Switch ipv6 dhcp server Use this command to configure DHCPv6 server functionality on an interface. The <pool-name> is the DHCPv6 pool containing stateless and/or prefix delegation parameters, rapid-commit is an option that allows for an abbreviated exchange between the client and server, and <pref-value>...

  • Page 411: Domain-Name (Ipv)

    ProSafe Managed Switch These pools are shared between multiple interfaces over which DHCPv6 server capabilities are configured. Format ipv6 dhcp pool <pool-name> Mode Global Config no ipv6 dhcp pool This command removes the specified DHCPv6 pool. Format no ipv6 dhcp pool <pool-name> Mode Global Config domain-name (IPv6)

  • Page 412: Show Ipv6 Dhcp

    ProSafe Managed Switch prefix-delegation (IPv6) Multiple IPv6 prefixes can be defined within a pool for distributing to specific DHCPv6 Prefix delegation clients. Prefix is the delegated IPv6 prefix. DUID is the client’s unique DUID value (Example: 00:01:00:09:f8:79:4e:00:04:76:73:43:76'). Name is 31 characters textual client’s name, which is useful for logging or tracing only.
  • Page 413 ProSafe Managed Switch Term Definition DHCPv6 Solicit Packets Number of solicit received statistics. Received DHCPv6 Request Packets Number of request received statistics. Received DHCPv6 Confirm Packets Number of confirm received statistics. Received DHCPv6 Renew Packets Number of renew received statistics. Received DHCPv6 Rebind Packets Number of rebind received statistics.

  • Page 414: Show Ipv6 Dhcp Interface

    ProSafe Managed Switch show ipv6 dhcp interface This command displays DHCPv6 information for all relevant interfaces or the specified interface. If you specify an interface, you can use the optional statistics parameter to view statistics for the specified interface. Format show ipv6 dhcp interface <unit/slot/port>...

  • Page 415: Show Ipv6 Dhcp Pool

    ProSafe Managed Switch show ipv6 dhcp pool This command displays configured DHCP pool. Format show ipv6 dhcp pool <pool-name> Mode Privileged EXEC Term Definition DHCP Pool Unique pool name configuration. Name Client DUID Client’s DHCP unique identifier. DUID is generated using the combination of the local system burned-in MAC address and a timestamp value.
  • Page 416 ProSafe Managed Switch Term Definition Valid Lifetime Valid lifetime in seconds for delegated prefix. Preferred Preferred lifetime in seconds for delegated prefix. Lifetime IPv6 Commands...

  • Page 417: Chapter 8 Ipv6 Multicast Commands

    IPv6 Multicast Commands This chapter describes the IPv6 multicast commands available in the managed switch CLI. Note: Commands described in this chapter that require a license are: IPv6 Multicast Forwarder Commands IPv6 PIM Commands IPv6 MLD Commands IPv6 MLD-Proxy Commands This chapter contains the following sections: •...

  • Page 418: Ipv6 Multicast Forwarder Commands

    ProSafe Managed Switch IPv6 Multicast Forwarder Commands Note: There is no specific IP multicast enable for IPv6. Enabling of multicast at global config is common for both IPv4 and IPv6. show ipv6 mroute Use this command to show the mroute entries specific for IPv6. (This command is the IPv6 equivalent of the IPv4 show ip mcaste mroute command.) Format show ipv6 mroute {detail | summary}...

  • Page 419: Show Ipv6 Mroute Group

    ProSafe Managed Switch show ipv6 mroute group This command displays the multicast configuration settings specific to IPv6 such as flags, timer settings, incoming and outgoing interfaces, RPF neighboring routers, and expiration times of all the entries in the multicast mroute table containing the given group IPv6 address <group-address>.

  • Page 420: Ipv6 Pim Commands

    ProSafe Managed Switch If you use the summary parameter, the command displays the following column headings in the output table: Term Definition Source IP The IP address of the multicast data source. Group IP The IP address of the destination of the multicast packet. Protocol The multicast routing protocol by which this entry was created.

  • Page 421: Show Ipv6 Pim

    ProSafe Managed Switch no ipv6 pim (Interface Config) Use this command to set the administrative mode of PIM on an interface to disabled. Format no ipv6 pim Mode Interface Config ipv6 pim hello-interval Use this command to configure the PIM hello interval for the specified router interface. The hello-interval is specified in seconds and is in the range 10–18000.

  • Page 422: Show Ipv6 Pim Neighbor

    ProSafe Managed Switch PIM Mode........Dense Data Threshold Rate (Kbps)....0 Register Rate-limit (Kbps)....0 Interface Interface Mode Operational-Status --------- -------------- ---------------- 1/0/1 Enabled Non-Operational show ipv6 pim neighbor Use this command to display the PIM neighbor information for all interfaces or for the specified interface.

  • Page 423: Ipv6 Pim Bsr-Border

    ProSafe Managed Switch Term Definition Hello Interval Hello interval value. The frequency at which PIM hello messages are transmitted on this interface. By default, the value is 30 seconds. Join-prune Interval Join-prune interval value. DR Priority DR priority configured on this interface. This is not applicable if the interface mode is Dense.

  • Page 424: Ipv6 Pim Dr-Priority

    ProSafe Managed Switch Format ipv6 pim bsr-candidate interface <unit/slot/port> [hash-mask-length] [priority] Mode Global Config Parameters Description hash-mask-length Length of a mask (32 bits maximum) that is to be ANDed with the group address before the hash function is called. All groups with the same seed hash correspond to the same RP.

  • Page 425: Ipv6 Pim Join-Prune-Interval

    ProSafe Managed Switch ipv6 pim join-prune-interval Use this command to configure the interface join/prune interval for the PIM-SM router. The join/prune interval is specified in seconds. This parameter can be configured to a value from 0 to 18000. Default Format ipv6 pim join-prune-interval <0-18000>...

  • Page 426: Ipv6 Pim Rp-Candidate

    ProSafe Managed Switch there is a conflict, the RP configured with this command prevails over the RP learned by BSR. Default Format ipv6 pim rp-address <rp-address> <group-address> <group-mask> [override] Mode Global Config no ipv6 pim rp-address Use this command to statically remove the RP address for one or more multicast groups. Format no ipv6 pim rp-address <rp-address>...

  • Page 427: Ipv6 Pim Ssm

    ProSafe Managed Switch no ipv6 pim spt-threshold This command is used to set the Data Threshold rate for the RP router to the default value. Format no ipv6 pim spt-threshold Mode Global Config ipv6 pim ssm Use this command to define the Source Specific Multicast (SSM) range of IP multicast addresses.

  • Page 428: Ipv6 Mld Commands

    ProSafe Managed Switch Term Definition Next Bootstrap Time (in hours, minutes, and seconds) in which the next bootstrap message is due Message In from this BSR. Next Candidate Time (in hours, minutes, and seconds) in which the next candidate RP advertisement RP advertisement will be sent.

  • Page 429: Ipv6 Mld Router

    ProSafe Managed Switch ipv6 mld router Use this command, in the administrative mode of the router, to enable MLD in the router. Default Disabled Format ipv6 mld router Mode • Global Config • Interface Config no ipv6 mld router Use this command, in the administrative mode of the router, to disable MLD in the router. Default Disabled Format...

  • Page 430: Ipv6 Mld Last-Member-Query-Interval

    ProSafe Managed Switch Format ipv6 mld query-max-response-time <query-max-response-time> Mode Interface Config no ipv6 mld query-max-response-time This command resets the MLD query max response time for the interface to the default value. Format no ipv6 mld query-max-response-time Mode Interface Config ipv6 mld last-member-query-interval Use this command to set the last member query interval for the MLD interface, which is the value of the maximum response time parameter in the group specific queries sent out of this interface.

  • Page 431: Show Ipv6 Mld Groups

    ProSafe Managed Switch no ipv6 mld last-member-query-count Use this command to reset the <last-member-query-count> parameter of the interface to the default value. Format no ipv6 mld last-member-query-count Mode Interface Config show ipv6 mld groups Use this command to display information about multicast groups that MLD reported. The information is displayed only when MLD is enabled on at least one interface.

  • Page 432: Show Ipv6 Mld Interface

    ProSafe Managed Switch The following table is displayed to indicate all the sources associated with this group. Field Description Source Address The IP address of the source. Uptime Time elapsed in hours, minutes, and seconds since the source has been known. Expiry Time Time left in hours, minutes, and seconds before the entry is removed.

  • Page 433: Operational Mode

    ProSafe Managed Switch The following information is displayed for each of the interfaces or for only the specified interface. Field Description Interface The interface number in unit/slot/port format. MLD Global Displays the configured administrative status of MLD. Mode The operational status of MLD on the interface. Operational Mode MLD Version...

  • Page 434: Ipv6 Mld-Proxy Commands

    ProSafe Managed Switch Field Description Number of The number of times a group membership has been removed on this interface. Leaves Number of The current number of membership entries for this interface. Groups show ipv6 mld traffic Use this command to display MLD statistical information for the router. Format show ipv6 mld traffic Mode...

  • Page 435: Ipv6 Mld-Proxy Unsolicit-Rprt-Interval

    ProSafe Managed Switch ipv6 mld-proxy Use this command to enable MLD-Proxy on the router. To enable MLD-Proxy on the router, you must enable multicast forwarding. Also, make sure that there are no other multicast routing protocols enabled n the router. Format ipv6 mld-proxy Mode...

  • Page 436: Version

    ProSafe Managed Switch show ipv6 mld-proxy Use this command to display a summary of the host interface status parameters. Format show ipv6 mld-proxy Mode • Privileged EXEC • User EXEC The command displays the following parameters only when you enable MLD-Proxy. Field Description Interface Index...

  • Page 437: Show Ipv6 Mld-Proxy Interface

    ProSafe Managed Switch show ipv6 mld-proxy interface This command displays a detailed list of the host interface status parameters. It displays the following parameters only when you enable MLD-Proxy. Format show ipv6 mld-proxy interface Modes • Privileged EXEC • User EXEC Term Definition Interface Index...

  • Page 438: Show Ipv6 Mld-Proxy Groups Detail

    ProSafe Managed Switch Field Description Interface The interface number of the MLD-Proxy. Group Address The IP address of the multicast group. Last Reporter The IP address of the host that last sent a membership report for the current group, on the network attached to the MLD-Proxy interface (upstream interface). Up Time (in secs) The time elapsed in seconds since last created.
  • Page 439 ProSafe Managed Switch Field Description Last Reporter The IP address of the host that last sent a membership report for the current group, on the network attached to the MLD-Proxy interface (upstream interface). Up Time (in secs) The time elapsed in seconds since last created. Member State Possible values are: •...

  • Page 440: Chapter 9 Quality Of Service (Qos) Commands

    Quality of Service (QoS) Commands This chapter describes the Quality of Service (QoS) commands available in the managed switch CLI. This chapter contains the following sections: • Class of Service (CoS) Commands • Differentiated Services (DiffServ) Commands • DiffServ Class Commands •...

  • Page 441: Classofservice Dot1P-Mapping

    ProSafe Managed Switch Note: Commands you issue in the Interface Config mode only affect a single interface. Commands you issue in the Global Config mode affect all interfaces. classofservice dot1p-mapping This command maps an 802.1p priority to an internal traffic class. The <userpriority> values can range from 0-7.

  • Page 442: Classofservice Trust

    ProSafe Managed Switch classofservice trust This command sets the class of service trust mode of an interface. You can set the mode to trust one of the Dot1p (802.1p), IP DSCP, or IP Precedence packet markings. You can also set the interface mode to untrusted. If you configure an interface to use Dot1p, the mode does not appear in the output of the show running config command because Dot1p is the default.

  • Page 443: Cos-Queue Strict

    ProSafe Managed Switch no cos-queue min-bandwidth This command restores the default for each queue's minimum bandwidth value. Format no cos-queue min-bandwidth Modes • Global Config • Interface Config cos-queue strict This command activates the strict priority scheduler mode for each specified queue. Format cos-queue strict <queue-id-1>...

  • Page 444: No Cos-Queue Random-Detect

    ProSafe Managed Switch no cos-queue random-detect Use this command to disable WRED and restore the default tail drop operation for the specified queues on all interfaces or one interface. Format cos-queue random-detect queue-id-1 [queue-id-2 … queue-id-n] Modes • Global Config •...

  • Page 445: Show Classofservice Dot1P-Mapping

    ProSafe Managed Switch The last precedence applies to all non-TCP traffic. For example, in a 3-color system, four of each parameter specified: green TCP, yellow TCP, red TCP, and non-TCP, respectively. Format random-detect queue-parms queue-id-1 [queue-id-2 … queue-id-n] minthresh thresh-prec-1 … thresh-prec-n max-thresh thresh-prec-1 … threshprec-n drop-probability prob-prec-1 …...

  • Page 446: Show Classofservice Trust

    ProSafe Managed Switch The following information is repeated for each user priority. Term Definition User Priority The 802.1p user priority value. Traffic Class The traffic class internal queue identifier to which the user priority value is mapped. show classofservice ip-precedence-mapping This command displays the current IP Precedence mapping to internal traffic classes for a specific interface.

  • Page 447: Show Interfaces Cos-Queue

    ProSafe Managed Switch displays the port trust mode of the interface. If you do not specify an interface, the command displays the most recent global configuration settings. Format show classofservice trust [<unit/slot/port>] Mode Privileged EXEC Term Definition Non-IP Traffic The traffic class used for non-IP traffic. This is only displayed when the COS trust mode Class is set to trust IP Precedence or IP DSCP (on platforms that support IP DSCP).

  • Page 448: Differentiated Services (Diffserv) Commands

    ProSafe Managed Switch Differentiated Services (DiffServ) Commands This section describes the commands you use to configure QOS Differentiated Services (DiffServ). You configure DiffServ in several stages by specifying three DiffServ components: Class a. Creating and deleting classes. b. Defining match criteria for a class. Policy a.

  • Page 449: Diffserv Class Commands

    ProSafe Managed Switch diffserv This command sets the DiffServ operational mode to active. While disabled, the DiffServ configuration is retained and can be changed, but it is not activated. When enabled, DiffServ services are activated. Format diffserv Mode Global Config no diffserv This command sets the DiffServ operational mode to inactive.

  • Page 450: Class-Map Rename

    ProSafe Managed Switch Note: The class-map-name default is reserved and must not be used. The class type of match-all indicates all of the individual match conditions must be true for a packet to be considered a member of the class. This command may be used without specifying a class type to enter the Class-Map Config mode for an existing DiffServ class.

  • Page 451: Match Ethertype

    ProSafe Managed Switch match ethertype This command adds to the specified class definition a match condition based on the value of the ethertype. The <ethertype> value is specified as one of the following keywords: appletalk, arp, ibmsna, ipv4, ipv6, ipx, mplsmcast, mplsucast, netbios, novell, pppoe, rarp or as a custom ethertype value in the range of 0x0600-0xFFFF.

  • Page 452: Match Cos

    ProSafe Managed Switch no match class-map This command removes from the specified class definition the set of match conditions defined for another class. The <refclassname> is the name of an existing DiffServ class whose match conditions are being referenced by the specified class definition. Format no match class-map <refclassname>...

  • Page 453: Match Dstip

    ProSafe Managed Switch 00:11:22:dd:ee:ff). The <macmask> parameter is a layer 2 MAC address bit mask, which need not be contiguous, and is formatted as six, two-digit hexadecimal numbers separated by colons (e.g., ff:07:23:ff:fe:dc). Default none Format match destination-address mac <macaddr> <macmask> Mode Class-Map Config Ipv6-Class-Map Config...

  • Page 454: Match Ip Dscp

    ProSafe Managed Switch match ip dscp This command adds to the specified class definition a match condition based on the value of the IP DiffServ Code Point (DSCP) field in a packet, which is defined as the high-order six bits of the Service Type octet in the IP header (the low-order two bits are not checked).

  • Page 455: Match Protocol

    ProSafe Managed Switch value of <tosmask> is a two-digit hexadecimal number from 00 to ff. The <tosmask> denotes the bit positions in <tosbits> that are used for comparison against the IP TOS field in a packet. For example, to check for an IP TOS value having bits 7 and 5 set and bit 1 clear, where bit 7 is most significant, use a <tosbits>...

  • Page 456: Match Srcip

    ProSafe Managed Switch Format match protocol {<protocol-name> | <0-255>} Mode Class-Map Config Ipv6-Class-Map Config match source-address mac This command adds to the specified class definition a match condition based on the source MAC address of a packet. The <address> parameter is any layer 2 MAC address formatted as six, two-digit hexadecimal numbers separated by colons (e.g., 00:11:22:dd:ee:ff).

  • Page 457: Diffserv Policy Commands

    ProSafe Managed Switch echo, ftp, ftpdata, http, smtp, snmp, telnet, tftp, www. Each of these translates into its equivalent port number, which is used as both the start and end of a port range. To specify the match condition as a numeric value, one layer 4 port number is required. The port number is an integer from 0 to 65535.
  • Page 458 ProSafe Managed Switch conditions of more than one class, preference is based on the order in which you add the classes to the policy. The first class you add has the highest precedence. This set of commands consists of policy creation/deletion, class addition/removal, and individual policy attributes.
  • Page 459 ProSafe Managed Switch redirect This command specifies that all incoming packets for the associated traffic stream are redirected to a specific egress interface (physical port or port-channel). Format redirect <unit/slot/port> Mode Policy-Class-Map Config Incompatibilities Drop, Mirror conform-color Use this command to enable color-aware traffic policing and define the conform-color class map.

  • Page 460: Mark Cos

    ProSafe Managed Switch no class This command deletes the instance of a particular class and its defined treatment from the specified policy. <classname> is the names of an existing DiffServ class. Note: This command removes the reference to the class definition for the specified policy.

  • Page 461: Mark Ip-Precedence

    ProSafe Managed Switch The <dscpval> value is specified as either an integer from 0 to 63, or symbolically through one of the following keywords: af11, af12, af13, af21, af22, af23, af31, af32, af33, af41, af42, af43, be, cs0, cs1, cs2, cs3, cs4, cs5, cs6, cs7, ef. Format mark ip-dscp <dscpval>...
  • Page 462 ProSafe Managed Switch For set-cos-transmit an 802.1p priority value is required and is specified as an integer from 0-7. Format police-simple {<1-4294967295> <1-128> conform-action {drop | set-prec-transmit <0-7> | set-dscp-transmit <0-63> | set-cos-transmit <0-7> | transmit} [violate-action {drop | set-prec-transmit <0-7> | set-dscp-transmit <0-63> | set-cos-transmit <0-7>...

  • Page 463: Diffserv Service Commands

    ProSafe Managed Switch no policy-map This command eliminates an existing DiffServ policy. The <policyname> parameter is the name of an existing DiffServ policy. This command may be issued at any time. If the policy is currently referenced by one or more interface service attachments, this delete attempt fails. Format no policy-map <policyname>...

  • Page 464: Diffserv Show Commands

    ProSafe Managed Switch Note: This command fails if any attributes within the policy definition exceed the capabilities of the interface. Once a policy is successfully attached to an interface, any attempt to change the policy definition, that would result in a violation of the interface capabilities, causes the policy change attempt to fail.

  • Page 465: Show Diffserv

    ProSafe Managed Switch show class-map This command displays all configuration information for the specified class. The <class-name> is the name of an existing DiffServ class. Format show class-map <class-name> Modes • Privileged EXEC • User EXEC If the class-name is specified the following fields are displayed: Term Definition Class Name...

  • Page 466: Show Policy-Map

    ProSafe Managed Switch Term Definition DiffServ Admin mode The current value of the DiffServ administrative mode. Class Table Size The current number of entries (rows) and the maximum allowed entries (rows) in Current /Max the Class Table. Class Rule Table Size The current number of entries (rows) and the maximum allowed entries (rows) in Current /Max the Class Rule Table.
  • Page 467 ProSafe Managed Switch Term Definition Conform Action The current setting for the action taken on a packet considered to conform to the policing parameters. This is not displayed if policing is not in use for the class under this policy. Conform COS The CoS mark value if the conform action is set-cos-transmit.

  • Page 468: Show Diffserv Service

    ProSafe Managed Switch show diffserv service This command displays policy service information for the specified interface and direction. The <unit/slot/port> parameter specifies a valid unit/slot/port number for the system. Format show diffserv service <unit/slot/port> [in | out] Mode Privileged EXEC Term Definition DiffServ Admin...

  • Page 469: Show Policy-Map Interface

    ProSafe Managed Switch show policy-map interface This command displays policy-oriented statistics information for the specified interface and direction. The <unit/slot/port> parameter specifies a valid interface for the system. Note: This command is only allowed while the DiffServ administrative mode is enabled. Format show policy-map interface <unit/slot/port>...

  • Page 470: Mac Access Control List (Acl) Commands

    ProSafe Managed Switch Term Definition Operational The current operational status of this DiffServ service interface. Status Policy Name The name of the policy attached to the interface. MAC Access Control List (ACL) Commands This section describes the commands you use to configure MAC ACL settings. MAC ACLs ensure that only authorized users have access to specific resources and block any unwarranted attempts to reach network resources.

  • Page 471: Mac Access-List Extended Rename

    ProSafe Managed Switch mac access-list extended rename This command changes the name of a MAC Access Control List (ACL). The <name> parameter is the name of an existing MAC ACL. The <newname> parameter is a case-sensitive alphanumeric string from 1 to 31 characters uniquely identifying the MAC access list.
  • Page 472 ProSafe Managed Switch the ACL rule is applied when the time-range withspecified name becomes active. The ACL rule is removed when the time-range withspecified name becomes inactive. Ethertype Keyword Corresponding Value appletalk 0x809B 0x0806 ibmsna 0x80D5 ipv4 0x0800 ipv6 0x86DD 0x8037 mplsmcast 0x8848...

  • Page 473: Mac Access-Group

    ProSafe Managed Switch mac access-group This command either attaches a specific MAC Access Control List (ACL) identified by <name> to an interface, or associates it with a VLAN ID, in a given direction. The <name> parameter must be the name of an existing MAC ACL. An optional sequence number may be specified to indicate the order of this mac access list relative to other mac access lists already assigned to this interface and direction.

  • Page 474: Ip Access Control List (Acl) Commands

    ProSafe Managed Switch Term Definition Rule Number The ordered rule number identifier defined within the MAC ACL. Action The action associated with each rule. The possible values are Permit or Deny. Source MAC The source MAC address for this rule. Address Destination The destination MAC address for this rule.

  • Page 475: Ip Standard Acl

    ProSafe Managed Switch access-list This command creates an IP Access Control List (ACL) that is identified by the access list number, which is 1-99 for standard ACLs or 100-199 for extended ACLs. IP Standard ACL: Format access-list <1-99> {deny | permit} {every | <srcip> <srcmask>} [log] [assign-queue <queue-id>] [{mirror | redirect} <unit/slot/port>] Mode Global Config...

  • Page 476: Ip Access-List

    ProSafe Managed Switch Parameter Description [assign-queue <queue-id>] Specifies the assign-queue, which is the queue identifier to which packets matching this rule are assigned. [{mirror | redirect} Specifies the mirror or redirect interface which is the unit/slot/port to <unit/slot/port>] which packets matching this rule are copied or forwarded, respectively.

  • Page 477: Ip Access-List Rename

    ProSafe Managed Switch IP Extended ACL: Format access-list <100-199> {deny | permit} {every | {{icmp | igmp | ip | tcp | udp | <number>} <srcip> <srcmask>[{eq {<portkey> | <0-65535>} <dstip> <dstmask> [{eq {<portkey>| <0-65535>}] [precedence <precedence> | tos <tos> <tosmask> | dscp <dscp>] [log] [time-range <time-range-name>] [assign-queue <queue-id>] [{mirror | redirect} <unit/slot/port>] Mode...

  • Page 478: Ip Access-Group

    ProSafe Managed Switch Note: For the XSM7224S, the mirror parameter allows the traffic matching this rule to be copied to the specified <unit/slot/port>, while the redirect parameter allows the traffic matching this rule to be forwarded to the specified <unit/slot/port>. The assign-queue and redirect parameters are only valid for a permit rule.
  • Page 479 ProSafe Managed Switch sequence number that is one greater than the highest sequence number currently in use for this interface and direction is used. Note: You should be aware that the < > option may or may not be available, depending on the platform. Default none Format...

  • Page 480: Show Ip Access-Lists

    ProSafe Managed Switch show ip access-lists This command displays an IP ACL <accesslistnumber> is the number used to identify the IP ACL. Format show ip access-lists <accesslistnumber> Mode Privileged EXEC Note: Only the access list fields that you configure are displayed. Term Definition Rule Number...

  • Page 481: Ipv6 Access Control List (Acl) Commands

    ProSafe Managed Switch Term Definition Time Range Displays the name of the time-range if the ACL rule has referenced a time range. Name Rule Status Status (Active/Inactive) of the ACL rule. show access-lists This command displays IP ACLs, IPv6 ACLs, and MAC access control lists information for a designated interface and direction.

  • Page 482: Ipv6 Access-List Rename

    ProSafe Managed Switch If an IPv6 ACL by this name already exists, this command enters IPv6-Access-List config mode to allow updating the existing IPv6 ACL. Note: The CLI mode changes to IPv6-Access-List Config mode when you successfully execute this command. Format ipv6 access-list <name>...

  • Page 483: Ipv6 Traffic-Filter

    ProSafe Managed Switch A rule may either deny or permit traffic according to the specified classification fields. At a minimum, either the ‘every’ keyword or the protocol, source address, and destination address values must be specified. The source and destination IPv6 address fields may be specified using the keyword ‘any’...

  • Page 484: Show Ipv6 Access-Lists

    ProSafe Managed Switch Note: You should be aware that the < > option may or may not be available, depending on the platform. Format ipv6 traffic-filter <name> [vlan <vlan-id>] <in | out>[sequence <1-4294967295>] Modes • Global Config • Interface Config no ipv6 traffic-filter This command removes an IPv6 ACL identified by <name>...

  • Page 485: Time Range Commands For Time-Based Acls

    ProSafe Managed Switch Term Definition IP DSCP The value specified for IP DSCP. Flow Label The value specified for IPv6 Flow Label. Displays when you enable logging for the rule. Assign Queue The queue identifier to which packets matching this rule are assigned. Mirror Interface The unit/slot/port to which packets matching this rule are copied.
  • Page 486 ProSafe Managed Switch no time-range Use this command to delete a time-range identified by name Format no time-range <name> Mode Global Config Absolute Use this command to add an absolute time entry to a time range. Only one absolute time entry is allowed per time-range.

  • Page 487: Periodic {Start|End} Time

    ProSafe Managed Switch configuration that referenced the time range starts going into effect. The second occurrence is the ending hours:minutes at which the configuration that referenced the time range is no longer in effect. The hours:minutes are expressed in a 24-hour clock. For example, 8:00 is 8:00 am and 20:00 is 8:00 pm The frequency is how often this periodic entry will become active.

  • Page 488: Auto-Voice Over Ip Commands

    ProSafe Managed Switch Term Definition Periodic start Start time and day for periodic entry. Periodic end End time and day for periodic entry. Auto-Voice over IP Commands This section describes the commands you use to configure Auto-Voice over IP (VoIP) commands.

  • Page 489: Show Auto-Voip

    ProSafe Managed Switch no auto-voip Use this command to disable VoIP Profile on the interface. Format no auto-voip all Mode Interface Config show auto-voip Use this command to display the VoIP Profile settings on the interface or interfaces of the switch.

  • Page 490: Chapter 10 Power Over Ethernet (Poe) Commands

    Power over Ethernet (PoE) Commands This chapter contains the following sections: • About PoE • PoE Commands About PoE Power over Ethernet describes a technology to pass electrical power safely along with data on existing Ethernet cabling. The PSE or power supply equipment is the device or switch that delivers electrical power, and the PD or powered device is the end device that powers up through the power delivered along the Ethernet cable.

  • Page 491: Poe Commands

    ProSafe Managed Switch PoE Commands Use this command to enable the Power over Ethernet (PoE) functionality on a global basis or per interface. Format Mode Global Config Interface Config Default enabled no poe Use this command to disable the Power over Ethernet (PoE) functionality on a global basis or per interface.

  • Page 492: Poe Power Limit

    ProSafe Managed Switch no poe detection Use this command to set the detection mode to the default on a global basis or per interface. Format no poe detection Mode Global Config Interface Config poe high-power Use this command to switch a port from 802.3af mode to high-power mode. This mode is used to power up devices that require more power than the current IEEE 802.3af power (more than 12.95 watts at the PD).

  • Page 493: Poe Power Management

    ProSafe Managed Switch • user-defined—Allows you to define the maximum power to the port. This can be a value between 3 and 32 watts. Format poe power limit { class-based | none | user-defined [<3000 - 32000>] } Mode Global Config Interface Config Default User-defined, with a maximum of 30 watts...

  • Page 494: Poe Priority

    ProSafe Managed Switch Dynamic Power Management Available power = 300 watts - 3 watts = 297 watts Format poe power management {<unit>|all} {dynamic | static} Mode Global Config Default dynamic no poe power management Use this command to set the power management mode to the default. Format no poe power management {<unit>|all} Mode...

  • Page 495: Poe Timer Schedule Name

    ProSafe Managed Switch used to reset the PoE port. The command can also reset the power-delivering ports. Note that this command takes effect only once after it is executed and cannot be saved across power cycles. Format poe reset Mode Global Config Interface Config poe reset auto...

  • Page 496: Poe Usagethreshold

    ProSafe Managed Switch no poe timer schedule name Use this command to detach the schedule from the port. Format no poe timer schedule Mode Interface Config poe usagethreshold Use this command to set a threshold (as a percentage) for the total amount of power that can be delivered by the switch.

  • Page 497: Show Poe

    ProSafe Managed Switch no poe traps Use this command to disable logging the PoE traps. Format no poe traps Mode Global Config show poe Use this command to get global information regarding the PoE status. Format show poe Mode Privileged EXEC User EXEC Term Definition...

  • Page 498: Show Poe Port Configuration

    ProSafe Managed Switch Example: (switch) #show poe Firmware Version....... 1.0.0.2 PSE Main Operational Status....ON Total Power (Main AC)......380 Total Power (RPS)......300 Total Power (PD) ......25 Power Source........Main AC Threshold Power........ 342 Total Power Consumed......7 Usage Threshold........

  • Page 499: Show Poe Port Info

    ProSafe Managed Switch show poe port info Use this command to get information about the status of the PoE ports. You can display information based on each individual port or all the ports collectively. The command displays only PSE-capable ports. Format show poe port info [<port>...

  • Page 500: Show Poe Pd

    ProSafe Managed Switch Intf Power Power Class Power Current Voltage Status Fault (mA) (volt) Status ------ ------- ----- ------- ------ ------- ------- ------------------ --------------- 1/0/33 18.0 04.400 53.3 Delivering Power No Error show poe pd Use this command to get information about the PD ports. You can display information based on each individual port or all the PD ports collectively.

  • Page 501: Chapter 11 Utility Commands

    Utility Commands This chapter describes the utility commands available in the CLI. This chapter contains the following sections: • Auto Install Commands • Dual Image Commands • System Information and Statistics Commands • Logging Commands • Email Alerting and Mail Server Commands •...

  • Page 502: Auto Install Commands

    ProSafe Managed Switch Auto Install Commands This section describes the Auto Install Commands. Auto Install is a software feature which provides for the configuration of a switch automatically when the device is initialized and no configuration file is found on the switch. The Auto Install process requires DHCP to be enabled by default in order for it to be completed.

  • Page 503: Boot Host Auto-Save

    ProSafe Managed Switch boot host auto-save This command is used to enable automatically saving the downloaded configuration on the switch. Default Disabled Format boot host auto-save Mode Privileged EXEC no boot host auto-save This command is used to disable automatically saving the downloaded configuration on the switch.

  • Page 504: Dual Image Commands

    ProSafe Managed Switch no boot host retry-count This command is used to reset the number to the default. The default number is 3. Format no boot host retry-count Mode Privileged EXEC boot host dhcp This command is used to enable AutoInstall on the switch for the next reboot cycle. The command does not change the current behavior of AutroInstall and saves the command to NVRAM.

  • Page 505: Boot System

    ProSafe Managed Switch boot system This command activates the specified image. It will be the active-image for subsequent reboots and will be loaded by the boot loader. The current active-image is marked as the backup-image for subsequent reboots. The optional <unit> parameter is valid only in Stacking, where the unit parameter identifies the node on which this command must be executed.

  • Page 506: System Information And Statistics Commands

    ProSafe Managed Switch System Information and Statistics Commands This section describes the commands you use to view information about system features, components, and configurations. show arp switch This command displays the contents of the IP stack’s Address Resolution Protocol (ARP) table.

  • Page 507: Show Hardware

    ProSafe Managed Switch show hardware This command displays inventory information for the switch. Note: The show version command and the show hardware command display the same information. In future releases of the software, the show hardware command will not be available. For a description of the command output, see the command show version on page 507.

  • Page 508: Show Interface

    ProSafe Managed Switch show interface This command displays a summary of statistics for a specific interface or a count of all CPU traffic based upon the argument. Format show interface {<unit/slot/port> | switchport} Mode Privileged EXEC The display parameters, when the argument is <unit/slot/port>, are as follows: Parameters Definition Packets...

  • Page 509: Show Interface Ethernet

    ProSafe Managed Switch Term Definition Transmit Packet The number of outbound packets that could not be transmitted because of errors. Errors Address Entries The total number of Forwarding Database Address Table entries now active on the Currently In Use switch, including learned and static entries. VLAN Entries The number of VLAN entries presently occupying the VLAN table.

  • Page 510: Show Mac-Addr-Table

    ProSafe Managed Switch Term Definition Multicast The total number of packets that higher-level protocols requested be transmitted to a Packets Multicast address, including those that were discarded or not sent. Transmitted Broadcast The total number of packets that higher-level protocols requested be transmitted to the Packets Broadcast address, including those that were discarded or not sent.
  • Page 511 ProSafe Managed Switch The following information displays if you do not enter a parameter, the keyword all, or the MAC address and VLAN ID. If you enter vlan <vlan_id>, only the Mac Address, Interface, and Status fields appear. Term Definition Mac Address A unicast MAC address for which the switch has forwarding and or filtering information.

  • Page 512: Show Process Cpu

    ProSafe Managed Switch show process cpu This command provides the percentage utilization of the CPU by different tasks. Note: It is not necessarily the traffic to the CPU, but different tasks that keep the CPU busy. Format show process cpu Mode Privileged EXEC The following shows example CLI display output.

  • Page 513: Show Running-Config

    ProSafe Managed Switch Total Rx High Alloc Attempts 384555 Total Tx Alloc Attempts 2478536 Total Rx Norm Alloc Failures Total Rx Mid2 Alloc Failures Total Rx Mid1 Alloc Failures Total Rx High Alloc Failures Total Tx Alloc Failures show running-config Use this command to display or capture the current setting of different protocol packages supported on the switch.

  • Page 514: Show Sysinfo

    ProSafe Managed Switch • If all the flags in a particular group are enabled, then the command displays trapflags <group name> all. • If some, but not all, of the flags in that group are enabled, the command displays trapflags <groupname> <flag-name>. Format show running-config [all | <scriptname>...

  • Page 515: Terminal Length

    ProSafe Managed Switch • show version • show sysinfo • show port all • show isdp neighbors • show logging • show event log • show logging buffered • show trap log Format show tech-support Mode Privileged EXEC terminal length Use this command to set the number of lines of output to be displayed on the screen, i.e.

  • Page 516: Logging Commands

    ProSafe Managed Switch Logging Commands This section describes the commands you use to configure system logging, and to view logs and the logging settings. logging buffered This command enables logging to an in-memory log that keeps up to 128 logs. Default disabled;...

  • Page 517: Logging Console

    ProSafe Managed Switch Format logging cli-command Mode Global Config no logging cli-command This command disables the CLI command Logging feature. Format no logging cli-command Mode Global Config logging console This command enables logging to the console. You can specify the <severitylevel> value as either an integer from 0 to 7 or symbolically through one of the following keywords: emergency (0), alert (1), critical (2), error (3), warning (4), notice (5), info (6), or debug (7).

  • Page 518: Logging Host Remove

    ProSafe Managed Switch logging host remove This command disables logging to host. See show logging hosts on page 519 for a list of host indexes. Format logging host remove <hostindex> Mode Global Config logging syslog This command enables syslog logging. The <portid> parameter is an integer with a range of 1-65535.

  • Page 519: Show Logging Buffered

    ProSafe Managed Switch Term Definition Log Messages Number of messages received by the log process. This includes messages that are Received dropped or ignored. Log Messages Number of messages that could not be processed due to error or lack of resources. Dropped Log Messages Number of messages sent to the collector/relay.

  • Page 520: Email Alerting And Mail Server Commands

    ProSafe Managed Switch show logging traplogs This command displays SNMP trap events and statistics. Format show logging traplogs Mode Privileged EXEC Term Definition Number of The number of traps since the last boot. Traps Since Last Reset Trap Log The number of traps the system can retain. Capacity Number of The number of new traps since the command was last executed.

  • Page 521: Logging Email Urgent

    ProSafe Managed Switch level, but below the urgent severity level, are emailed in a non-urgent manner by collecting them together until the log time expires. You can specify the severitylevel value as either an integer from 0 to 7 or symbolically through one of the following keywords: emergency (0), alert (1), critical (2), error (3), warning (4), notice (5), info (6), or debug (7).

  • Page 522: Logging Email From-Addr

    <to-email-addr> Mode Global Config logging email from-addr This command configures the email address of the sender (the switch). Default switch@netgear.com Format logging email from-addr <from-email-addr> Mode Global Config no logging email from-addr This command removes the configured email source address.

  • Page 523: Logging Email Logtime

    ProSafe Managed Switch logging email logtime This command configures how frequently non-urgent email messages are sent. Non-urgent messages are collected and sent in a batch email at the specified interval. The valid range is every 30- 1440 minutes. Default 30 minutes Format logging email logtime <minutes>...

  • Page 524: Show Logging Email Statistics

    ProSafe Managed Switch show logging email config This command displays information about the email alert configuration. Format show logging email config Mode Privileged EXEC Term Definition Email Alert Logging The administrative status of the feature: enabled or disabled Email Alert From The email address of the sender (the switch).

  • Page 525: Clear Logging Email Statistics

    ProSafe Managed Switch Term Definition No of Email Sent The number of email messages that were sent from the switch since the counter was cleared. Time Since Last Email The amount of time that has passed since the last email was sent from the Sent switch.

  • Page 526: Show Mail-Server Config

    ProSafe Managed Switch Port Use this command to configure the TCP port to use for communication with the SMTP server. The recommended port for TLSv1 is 465, and for no security (i.e. none) it is 25. However, any nonstandard port in the range 1 to 65535 is also allowed. Default Format port {465 | 25 | 1–65535}...

  • Page 527: System Utility And Clear Commands

    ProSafe Managed Switch Term Definition Email Alert The username the switch uses to authenticate with the SMTP server. Username Email Alert The password the switch uses to authenticate with the SMTP server. Password System Utility and Clear Commands This section describes the commands you use to help troubleshoot connectivity issues and to restore various configurations to their factory defaults.

  • Page 528: Traceroute Ipv6

    ProSafe Managed Switch Parameter Description count Use the optional count parameter to specify the number of probes to send for each TTL value. Range is 1 to 10 probes. port Use the optional port parameter to specify destination UDP port of the probe. This should be an unused port on the remote destination system.

  • Page 529: Clear Config

    ProSafe Managed Switch clear config This command resets the configuration to the factory defaults without powering off the switch. When you issue this command, a prompt appears to confirm that the reset should proceed. When you enter y, you automatically reset the current configuration on the switch to the default values.

  • Page 530: Clear Pass

    ProSafe Managed Switch clear pass This command resets all user passwords to the factory defaults without powering off the switch. You are prompted to confirm that the password reset should proceed. Format clear pass Mode Privileged EXEC clear port-channel This command clears all port-channels (LAGs). Format clear port-channel Mode...
  • Page 531 ProSafe Managed Switch Note: Save configuration changes before logging out. Format logout Modes • Privileged EXEC • User EXEC ping Use this command to determine whether another computer is on the network. Ping provides a synchronous response when initiated from the CLI and Web interfaces. Default •...

  • Page 532: Ping Ipv6

    ProSafe Managed Switch ping failure: In Case of Unreachable Destination: (Switch) # ping 192.168.254.222 count 3 interval 1 size 255 Pinging 192.168.254.222 with 255 bytes of data: Received Response: Unreachable Destination Received Response :Unreachable Destination Received Response :Unreachable Destination ----192.168.254.222 PING statistics---- 3 packets transmitted,3 packets received, 0% packet loss round-trip (msec) min/avg/max = 0/0/0...

  • Page 533: Ping Ipv6 Interface

    ProSafe Managed Switch ping ipv6 interface Use this command to determine whether another computer is on the network. To use the command, configure the switch for network (in-band) connection. The source and target devices must have the ping utility enabled and running on top of TCP/IP. The switch can be pinged from any IP workstation with which the switch is connected through the default VLAN (VLAN 1), as long as there is a physical path between the switch and the workstation.
  • Page 534 ProSafe Managed Switch copy The copy command uploads and downloads files to and from the switch. You can also use the copy command to manage the dual images (image1 and image2) on the file system. Upload and download files from a server by using TFTP or Xmodem. SFTP and SCP are available as additional transfer methods if the software package supports secure management.
  • Page 535 When you use this option, the copy command will not <destfilename> noval validate the downloaded script file. An example of the CLI command follows: (NETGEAR Switch) #copy tftp://1.1.1.1/file.scr nvram:script file.scr <url> nvram:sshkey-dsa Downloads an SSH key file. For more information, see Secure Shell (SSH) Commands on page 601.

  • Page 536: Simple Network Time Protocol (Sntp) Commands

    ProSafe Managed Switch Source Destination Description <url> {image1 | image2} Download an image from the remote server to either image. In a stacking environment, the downloaded image is distributed to the stack nodes. {image1 | image2} <url> Upload either image to the remote server. image1 image2 Copy image1 to image2.

  • Page 537: Sntp Client Mode

    ProSafe Managed Switch sntp client mode This command enables Simple Network Time Protocol (SNTP) client mode and may set the mode to either broadcast or unicast. Default disabled Format sntp client mode [broadcast | unicast] Mode Global Config no sntp client mode This command disables Simple Network Time Protocol (SNTP) client mode.

  • Page 538: Sntp Unicast Client Poll-Timeout

    ProSafe Managed Switch no sntp unicast client poll-interval This command resets the poll interval for SNTP unicast clients to its default value. Format no sntp unicast client poll-interval Mode Global Config sntp unicast client poll-timeout This command will set the poll timeout for SNTP unicast clients in seconds to a value from 1-30.

  • Page 539: Clock Summer-Time Recurring

    ProSafe Managed Switch sntp server This command configures an SNTP server (a maximum of three). The optional priority can be a value of 1-3, the version a value of 1-4, and the port id a value of 1-65535. Format sntp server <ipaddress|ipv6address| hostname> [<priority> [<version> [<portid>]]] Mode Global Config...

  • Page 540: Clock Summer-Time Date

    ProSafe Managed Switch Use the following parameters to configure the summer-time. • USA—the US Daylight saving time setting is used (Start --- March, 2nd sunday 02:00 AM, End --- Nov, 1st sunday, 2:00 AM) • EU—the European Union Daylight savings time is used (Start --- March, 5th Sunday 02:00 AM, End --- October, 5th Sunday, 3:00 AM) •...

  • Page 541: Show Sntp

    ProSafe Managed Switch (Switch) (config)# clock summer-time date Apr 1 2007 02:00 Oct 28 2007 offset 90 zone EST no clock summer-time Use the no clock summer-time command to reset the summertime offset. Format no clock summer-time Mode Global Config For example: console(config)#no clock summer-time show sntp...

  • Page 542: Show Sntp Server

    ProSafe Managed Switch Term Definition Client Supported SNTP Modes (Broadcast, Unicast, or Multicast). Supported Modes SNTP Version The highest SNTP version the client supports. Port SNTP Client Port. Client Mode Configured SNTP Client Mode. show sntp server This command is used to display SNTP server settings and configured servers. Format show sntp server Mode...

  • Page 543: Dhcp Server Commands

    ProSafe Managed Switch Term Definition Last Update Last server attempt status for the server. Status Total Unicast Number of requests to the server. Requests Failed Unicast Number of failed requests from server. Requests show clock Use the show clock command in Privileged EXEC or User EXEC mode to display the time and date from the system clock.
  • Page 544 ProSafe Managed Switch no ip dhcp pool This command removes the DHCP address pool. The name should be previously configured pool name. Format no ip dhcp pool <name> Mode Global Config client-identifier This command specifies the unique identifier for a DHCP client. Unique-identifier is a valid notation in hexadecimal format.
  • Page 545 ProSafe Managed Switch default-router This command specifies the default router list for a DHCP client. {address1, address2… address8} are valid IP addresses, each made up of four decimal bytes ranging from 0 to 255. IP address 0.0.0.0 is invalid. Default none Format default-router <address1>...
  • Page 546 ProSafe Managed Switch no hardware-address This command removes the hardware address of the DHCP client. Format no hardware-address Mode DHCP Pool Config host This command specifies the IP address and network mask for a manual binding to a DHCP client. Address and Mask are valid IP addresses; each made up of four decimal bytes ranging from 0 to 255.

  • Page 547: Network (Dhcp Pool Config)

    ProSafe Managed Switch network (DHCP Pool Config) Use this command to configure the subnet number and mask for a DHCP address pool on the server. Network-number is a valid IP address, made up of four decimal bytes ranging from 0 to 255. IP address 0.0.0.0 is invalid. Mask is the IP subnet mask for the specified address pool.
  • Page 548 ProSafe Managed Switch no domain-name This command removes the domain name. Format no domain-name Mode DHCP Pool Config netbios-name-server This command configures NetBIOS Windows Internet Naming Service (WINS) name servers that are available to DHCP clients. One IP address is required, although one can specify up to eight addresses in one command line.
  • Page 549 ProSafe Managed Switch no netbios-node-type This command removes the NetBIOS node Type. Format no netbios-node-type Mode DHCP Pool Config next-server This command configures the next server in the boot process of a DHCP client.The <address> parameter is the IP address of the next server in the boot process, which is typically a TFTP server.

  • Page 550: Ip Dhcp Ping Packets

    ProSafe Managed Switch no option This command removes the DHCP Server options. The <code> parameter specifies the DHCP option code. Format no option <code> Mode DHCP Pool Config ip dhcp excluded-address This command specifies the IP addresses that a DHCP server should not assign to DHCP clients.

  • Page 551: Service Dhcp

    ProSafe Managed Switch Format no ip dhcp ping packets Mode Global Config service dhcp This command enables the DHCP server. Default disabled Format service dhcp Mode Global Config no service dhcp This command disables the DHCP server. Format no service dhcp Mode Global Config ip dhcp bootp automatic...

  • Page 552: Clear Ip Dhcp Binding

    ProSafe Managed Switch no ip dhcp conflict logging This command disables conflict logging on DHCP server. Format no ip dhcp conflict logging Mode Global Config clear ip dhcp binding This command deletes an automatic address binding from the DHCP server database. If “*” is specified, the bindings corresponding to all the addresses are deleted.

  • Page 553: Show Ip Dhcp Global Configuration

    ProSafe Managed Switch Term Definition IP address The IP address of the client. Hardware The MAC Address or the client identifier. Address Lease The lease expiration time of the IP address assigned to the client. expiration Type The manner in which IP address was assigned to the client. show ip dhcp global configuration This command displays address bindings for the specific IP address on the DHCP server.

  • Page 554: Show Ip Dhcp Server Statistics

    ProSafe Managed Switch The following additional field is displayed for Dynamic pool type: Field Definition Network The network number and the mask for the DHCP address pool. The following additional fields are displayed for Manual pool type: Field Definition Client Name The name of a DHCP client.

  • Page 555: Dns Client Commands

    ProSafe Managed Switch Message Sent: Message Definition DHCP OFFER The number of DHCPOFFER messages the server sent. DHCP ACK The number of DHCPACK messages the server sent. DHCP NACK The number of DHCPNACK messages the server sent. show ip dhcp conflict This command displays address conflicts logged by the DHCP Server.

  • Page 556: Ip Domain Name

    ProSafe Managed Switch ip domain name Use this command to define a default domain name that the software uses to complete unqualified host names (names with a domain name). By default, no default domain name is configured in the system. <name> may not be longer than 255 characters and should not include an initial period.

  • Page 557: Ipv6 Host

    ProSafe Managed Switch <server-address> is a valid IPv4 or IPv6 address of the server. The preference of the servers is determined by the order they were entered. Format ip name-server <server-address1> [server-address2...server-address8] Mode Global Config no ip name server Use this command to remove a name server. Format no ip name-server [server-address1...server-address8] Mode...

  • Page 558: Ip Domain Retry

    ProSafe Managed Switch ip domain retry Use this command to specify the number of times to retry sending Domain Name System (DNS) queries. The parameter <number> indicates the number of times to retry sending a DNS query to the DNS server. This number ranges from 0 to 100. Default Format ip domain retry <number>...

  • Page 559: Show Hosts

    ProSafe Managed Switch Field Description name A particular host entry to remove. <name> ranges from 1-255 characters. Removes all entries. show hosts Use this command to display the default domain name, a list of name server hosts, the static and the cached list of host names and addresses <name> ranges from 1-255 characters. This command displays both IPv4 and IPv6 entries.

  • Page 560: Packet Capture Commands

    ProSafe Managed Switch Packet Capture Commands Packet capture commands assist in troubleshooting protocol-related problems with the management CPU. The packets to and from the management CPU can be captured in an internally allocated buffer area for export to a PC host for protocol analysis. Public domain packet analysis tools like Ethereal can be used to decode and review the packets in detail.

  • Page 561: Serviceability Packet Tracing Commands

    ProSafe Managed Switch no capture all packets This command disables the capturing of all packets. Format no capture all packets Mode Global Config capture wrap This command enables the Buffer Wrapping configuration. Once the capture buffer is full, writes to the buffer will wrap around to allow continuous packet capture. Format capture wrap Mode...

  • Page 562: Debug Clear

    ProSafe Managed Switch Format debug arp Mode Privileged EXEC no debug arp Use this command to disable ARP debug protocol messages. Format no debug arp Mode Privileged EXEC debug auto-voip Use this command to enable Auto VOIP debug messages. Use the optional parameters to trace H323, SCCP, or SIP packets respectively.

  • Page 563: Debug Dhcp Packet

    ProSafe Managed Switch Format debug console Mode Privileged EXEC no debug console This command disables the display of “debug” trace output on the login session in which it is executed. Format no debug console Mode Privileged EXEC debug dhcp packet Use this command to display “debug”...

  • Page 564: Debug Igmpsnooping Packet

    ProSafe Managed Switch debug igmpsnooping packet This command enables tracing of IGMP Snooping packets received and transmitted by the switch. Default disabled Format debug igmpsnooping packet Mode Privileged EXEC no debug igmpsnooping packet This command disables tracing of IGMP Snooping packets. Format no debug igmpsnooping packet Mode...

  • Page 565: Debug Igmpsnooping Packet Receive

    ProSafe Managed Switch Parameter Definition Type The type of IGMP packet. Type can be one of the following: • Membership Query – IGMP Membership Query • V1_Membership_Report – IGMP Version 1 Membership Report • V2_Membership_Report – IGMP Version 2 Membership Report •...

  • Page 566: Debug Ip Acl

    ProSafe Managed Switch Parameter Definition Type The type of IGMP packet. Type can be one of the following: • Membership_Query – IGMP Membership Query • V1_Membership_Report – IGMP Version 1 Membership Report • V2_Membership_Report – IGMP Version 2 Membership Report •...

  • Page 567: Debug Ip Igmp Packet

    ProSafe Managed Switch no debug ip dvmrp packet Use this command to disable debug tracing of DVMRP packet reception and transmission. Format no debug ip dvmrp packet [receive|transmit] Mode Privileged EXEC debug ip igmp packet Use this command to trace IGMP packet reception and transmission. receive traces only received IGMP packets and transmit traces only transmitted IGMP packets.

  • Page 568: Debug Ip Pimdm Packet

    ProSafe Managed Switch debug ip pimdm packet Use this command to trace PIMDM packet reception and transmission. receive traces only received PIMDM packets and transmit traces only transmitted PIMDM packets. When neither keyword is used in the command, then all PIMDM packet traces are dumped. Vital information such as source address, destination address, control packet type, packet length, and the interface on which the packet is received or transmitted is displayed on the console.

  • Page 569: Debug Ipv6 Dhcp

    ProSafe Managed Switch Format debug ip vrrp Mode Privileged EXEC no debug ip vrrp Use this command to disable VRRP debug protocol messages. Format no debug ip vrrp Mode Privileged EXEC debug ipv6 dhcp Use this command to display “debug” information about DHCPv6 client activities and trace DHCPv6 packets to and from the local DHCPv6 client.

  • Page 570: Debug Ipv6 Mld Packet

    ProSafe Managed Switch debug ipv6 mld packet Use this command to trace MLDv6 packet reception and transmission. receive traces only received MLDv6 packets and transmit traces only transmitted MLDv6 packets. When neither keyword is used in the command, then all MLDv6 packet traces are dumped. Vital information such as source address, destination address, control packet type, packet length, and the interface on which the packet is received or transmitted is displayed on the console.

  • Page 571: Debug Lacp Packet

    ProSafe Managed Switch Format debug ipv6 pimsm packet [receive|transmit] Mode Privileged EXEC no debug ipv6 pimsm packet Use this command to disable debug tracing of PIMSMv6 packet reception and transmission. Format no debug ipv6 pimsm packet [receive|transmit] Mode Privileged EXEC debug lacp packet This command enables tracing of LACP packets received and transmitted by the switch.

  • Page 572: Debug Ospf Packet

    ProSafe Managed Switch no debug mldsnooping packet Use this command to disable debug tracing of MLD snooping packet reception and transmission. debug ospf packet This command enables tracing of OSPF packets received and transmitted by the switch. Default disabled Format debug ospf packet Mode Privileged EXEC...
  • Page 573 ProSafe Managed Switch Parameter Definition AreaId The area ID in the OSPF header of the packet. Type Could be one of the following: HELLO – Hello packet DB_DSCR – Database descriptor LS_REQ – LS Request LS_UPD – LS Update LS_ACK – LS Acknowledge The remaining fields in the trace are specific to the type of OSPF Packet.

  • Page 574: Debug Ping Packet

    ProSafe Managed Switch LS_ACK packet field definitions. Field Definition Length Length of packet no debug ospf packet This command disables tracing of OSPF packets. Format no debug ospf packet Mode Privileged EXEC debug ipv6 ospfv3 packet Use this command to enable OSPFv3 packet debug trace. Default disabled Format...

  • Page 575: Debug Rip Packet

    ProSafe Managed Switch RC_IP:10.50.50.1, DEST_IP:10.50.50.2, Type:ECHO_REPLY The following parameters are displayed in the trace message: Parameter Definition TX/RX TX refers to a packet transmitted by the device. RX refers to packets received by the device. Intf The interface that the packet came in or went out on. Format used is unit/slot/port (internal interface number).

  • Page 576: Debug Sflow Packet

    ProSafe Managed Switch The following parameters are displayed in the trace message: Parameter Definition TX/RX TX refers to a packet transmitted by the device. RX refers to packets received by the device. Intf The interface that the packet came in or went out on. Format used is unit/slot/port (internal interface number).

  • Page 577: Debug Spanning-Tree Bpdu

    ProSafe Managed Switch debug spanning-tree bpdu This command enables tracing of spanning tree BPDUs received and transmitted by the switch. Default disabled Format debug spanning-tree bpdu Mode Privileged EXEC no debug spanning-tree bpdu This command disables tracing of spanning tree BPDUs. Format no debug spanning-tree bpdu Mode...

  • Page 578: Debug Spanning-Tree Bpdu Transmit

    ProSafe Managed Switch no debug spanning-tree bpdu receive This command disables tracing of received spanning tree BPDUs. Format no debug spanning-tree bpdu receive Mode Privileged EXEC debug spanning-tree bpdu transmit This command enables tracing of spanning tree BPDUs transmitted by the switch. Spanning tree should be enabled on the device and on the interface in order to monitor packets on a particular interface.

  • Page 579: Cable Test Command

    ProSafe Managed Switch Cable Test Command The cable test feature enables you to determine the cable connection status on a selected port. Note: The cable test feature is supported only for copper cable. It is not supported for optical fiber cable. If the port has an active link while the cable test is run, the link can go down for the duration of the test.

  • Page 580: Sflow Receiver

    ProSafe Managed Switch sflow receiver Use this command to configure the sFlow collector parameters (owner string, receiver timeout, max datagram size, IP address, and port). Format sflow receiver <rcvr_idx> owner <owner-string> timeout <rcvr_timeout> max datagram <size> ip/ipv6 <ip> port <port> Mode Global Config Field...

  • Page 581: Sflow Poller

    ProSafe Managed Switch Field Description Receiver Index The sFlow Receiver for this sFlow sampler to which flow samples are to be sent. A value of zero (0) means that no receiver is configured, no packets will be sampled. Only active receivers can be set.

  • Page 582: Show Sflow Agent

    Uniquely identifies the version and implementation of this MIB. The version string must have the following structure: MIB Version; Organization; Software Revision where: • MIB Version: ‘1.3’, the version of this MIB. • Organization: Netgear. • Revision: 1.0 IP Address The IP address associated with this agent.

  • Page 583: Show Sflow Receivers

    ProSafe Managed Switch show sflow receivers Use this command to display configuration information related to the sFlow receivers. Format [<index>] show sflow receivers Mode Privileged EXEC Field Description Receiver Index The sFlow Receiver associated with the sampler/poller. Owner String The identity string for receiver, the entity making use of this sFlowRcvrTable entry. Time Out The time (in seconds) remaining before the receiver is released and stops sending samples to sFlow receiver.

  • Page 584: Software License Commands

    ProSafe Managed Switch Field Description Sampler Data The sFlowDataSource (slot/port) for this sFlow sampler. This agent will support Physical Source ports only. Receiver Index The sFlowReceiver configured for this sFlow sampler. Packet The statistical sampling rate for packet sampling from this source. Sampling Rate Max Header The maximum number of bytes that should be copied from a sampled packet to form a...

  • Page 585: Ip Address Conflict Commands

    ProSafe Managed Switch License copy : 1 License Status: Active Description : License key is active. (Managed Switches) # show license features This command displays the features that are licensed on the switch Format show license features Mode Privileged EXEC Example: The following shows example CLI display output for the command.

  • Page 586: Link Local Protocol Filtering Commands

    ProSafe Managed Switch show ip address-conflict This command displays the status information corresponding to the last detected address conflict. Term Definition Address Identifies whether the switch has detected an address conflict on any IP address. Conflict Detection Status Last Conflicting The IP Address that was last detected as conflicting on any interface.

  • Page 587: No Llpf

    ProSafe Managed Switch no llpf Use this command to unblock LLPF protocol(s) on a port. show llpf interface all Use this command to display the status of LLPF rules configured on a particular port or on all ports. Format show llpf interface [all | unit/slot/port] Mode Privileged EXEC Term...

  • Page 588: Chapter 12 Management Commands

    Management Commands This chapter describes the management commands available in the managed switch CLI. This chapter contains the following sections: • Configuring the Switch Management CPU • Network Interface Commands • Console Port Access Commands • Telnet Commands • Secure Shell (SSH) Commands •...

  • Page 589: Configuring The Switch Management Cpu

    To manage the switch via the web GUI or telnet, an IP address needs to be assigned to the switch management CPU. Whereas there are CLI commands that can be used to do this, ezconfig simplifies the task. The tool is applicable to all NETGEAR 7000-series managed switches, and allows you to configure the following parameters: The administrator’s user password and administrator-enable password...
  • Page 590 ProSafe Managed Switch The following is an example of an ezconfig session. NETGEAR EZ Configuration Utility -------------------------------- Hello and Welcome! This utility will walk you thru assigning the IP address for the switch management CPU. It will allow you to save the changes at the end. After the session, simply use the newly assigned IP address to access the Web GUI using any public domain Web browser.

  • Page 591: Network Interface Commands

    ProSafe Managed Switch Network Interface Commands This section describes the commands you use to configure a logical interface for management access. To configure the management VLAN, see step on page 64. enable (Privileged EXEC access) Use this command to access the Privileged EXEC mode. From the Privileged EXEC mode, you can configure the network interface.

  • Page 592: Network Javamode

    ProSafe Managed Switch A locally administered address must have bit 6 On (b'1') and bit 7 Off (b'0'). Format network mac-address <macaddr> Mode Privileged EXEC network mac-type Use this command to specify whether the switch uses the burned in MAC address or the locally-administered MAC address.
  • Page 593 Locally Administered address. The factory default is to use the burned in MAC address. The following shows example CLI display output for the network port. (Netgear Switch) #show network Interface Status....... Always Up IP Address........10.250.3.1 Subnet Mask........

  • Page 594: Console Port Access Commands

    ProSafe Managed Switch IPv6 Default Router is ......FE80::204:76FF:FE73:423A Burned In MAC Address......00:10:18:82:03:37 Locally Administered MAC Address....00:00:00:00:00:00 MAC Address Type....... Burned In Network Configuration Protocol Current..None Management VLAN ID......1 Web Mode........Enable Java Mode........Enable Console Port Access Commands This section describes the commands you use to configure the console port.

  • Page 595: Serial Timeout

    ProSafe Managed Switch no serial baudrate Use this command to set the communication rate of the terminal interface. Format no serial baudrate Mode Line Config serial timeout Use this command to specify the maximum connect time (in minutes) without console activity. A value of 0 indicates that a console can be connected indefinitely.

  • Page 596: Telnet Commands

    ProSafe Managed Switch enable authentication Use this command in line configuration mode to specify an authentication method list when the user accesses a higher privilege level in remote telnet or console. Format enable authentication {default | list-name} Mode Line Config no enable authentication Use this command to return to the default specified by the enable authentication...

  • Page 597: Ip Telnet Server Enable

    ProSafe Managed Switch ip telnet server enable Use this command to enable Telnet connections to the system and to enable the Telnet Server Admin Mode. This command opens the Telnet listening port. Default enabled Format ip telnet server enable Mode Privileged EXEC no ip telnet server enable Use this command to disable Telnet access to the system and to disable the Telnet Server...

  • Page 598: Transport Output Telnet

    ProSafe Managed Switch Default enabled Format transport input telnet Mode Line Config no transport input telnet Use this command to prevent new Telnet sessions from being established. Format no transport input telnet Mode Line Config transport output telnet Use this command to regulate new outbound Telnet connections. If enabled, new outbound Telnet sessions can be established until the system reaches the maximum number of simultaneous outbound Telnet sessions allowed.

  • Page 599: Telnetcon Maxsessions

    ProSafe Managed Switch no session-limit Use this command to set the maximum number of simultaneous outbound Telnet sessions to the default value. Format no session-limit Mode Line Config session-timeout Use this command to set the Telnet session timeout value.The timeout value unit of time is minutes.

  • Page 600: Telnetcon Timeout

    ProSafe Managed Switch telnetcon timeout Use this command to set the Telnet connection session timeout value, in minutes. A session is active as long as the session has not been idle for the value set. The time is a decimal value from 1 to 160.

  • Page 601: Secure Shell (Ssh) Commands

    ProSafe Managed Switch Term Definition Outbound The number of minutes an outbound Telnet session is allowed to remain inactive before Telnet Login being logged off. Timeout Maximum The number of simultaneous outbound Telnet connections allowed. Number of Outbound Telnet Sessions Allow New Indicates whether outbound Telnet sessions will be allowed.

  • Page 602: Ip Ssh Protocol

    ProSafe Managed Switch ip ssh Use this command to enable SSH access to the system. (This command is the short form of the ip ssh server enable command.) Default disabled Format ip ssh Mode Privileged EXEC ip ssh protocol Use this command to set or remove protocol levels (or versions) for SSH. Either SSH1 (1), SSH2 (2), or both SSH 1 and SSH 2 (1 and 2) can be set.

  • Page 603: Sshcon Timeout

    ProSafe Managed Switch no sshcon maxsessions Use this command to set the maximum number of allowed SSH connection sessions to the default value. Format no sshcon maxsessions Mode Privileged EXEC sshcon timeout Use this command to set the SSH connection session timeout value, in minutes. A session is active as long as the session has been idle for the value set.

  • Page 604: Management Security Commands

    ProSafe Managed Switch Term Definition Max SSH The maximum number of SSH sessions allowed. Sessions Allowed SSH Timeout The SSH timeout value in minutes. Keys Present Indicates whether the SSH RSA and DSA key files are present on the device. Key Generation Indicates whether RSA or DSA key files generation is currently in progress.

  • Page 605: Hypertext Transfer Protocol (Http) Commands

    ProSafe Managed Switch no crypto key generate rsa Use this command to delete the RSA key files from the device. Format no crypto key generate rsa Mode Global Config crypto key generate dsa Use this command to generate a DSA key pair for SSH. The new key files will overwrite any existing generated or downloaded DSA key files.

  • Page 606: Ip Http Java

    ProSafe Managed Switch no ip http server Use this command to disable access to the switch through the Web interface. When access is disabled, the user cannot login to the switch's Web server. Format no ip http server Mode Privileged EXEC ip http secure-server Use this command to enable the secure socket layer for secure HTTP.

  • Page 607: Ip Http Authentication

    ProSafe Managed Switch user will be forced to re-authenticate. This timer begins on initiation of the web session and is unaffected by the activity level of the connection. Default Format ip http session hard-timeout <0-168> Mode Privileged EXEC no ip http session hard-timeout Use this command to restore the hard timeout for un-secure HTTP sessions to the default value.

  • Page 608: Ip Http Session Maxsessions

    ProSafe Managed Switch ip http session maxsessions Use this command to limit the number of allowable un-secure HTTP sessions. Zero is the configurable minimum. Default Format ip http session maxsessions <0-16> Mode Privileged EXEC no ip http session maxsessions Use this command to restore the number of allowable un-secure HTTP sessions to the default value.

  • Page 609: Ip Http Secure-Session Soft-Timeout

    ProSafe Managed Switch no ip http secure-session maxsessions Use this command to restore the number of allowable secure HTTP sessions to the default value. Format no ip http secure-session maxsessions Mode Privileged EXEC ip http secure-session soft-timeout Use this command to configure the soft timeout for secure HTTP sessions in minutes. Configuring this value to zero will give an infinite soft-timeout.

  • Page 610: Ip Https Authentication

    ProSafe Managed Switch ip https authentication Use this command to specify the authentication methods for http server users. The additional methods of authentication are used only if the previous method returns an error, not if it fails. To ensure that the authentication succeeds even if all methods return an error, specify none as the final method in the command line.

  • Page 611: Show Ip Http

    ProSafe Managed Switch ip http secure-protocol Use this command to set protocol levels (versions). The protocol level can be set to TLS1, SSL3 or to both TLS1 and SSL3. Default SSL3 and TLS1 Format ip http secure-protocol [SSL3] [TLS1] Mode Privileged EXEC show ip http Use this command to display the http settings for the switch.

  • Page 612: Access Commands

    ProSafe Managed Switch Access Commands Use the commands in this section to close remote connections or to view information about connections to the system. disconnect Use the disconnect command to close HTTP, HTTPS, Telnet or SSH sessions. Use all to close all active sessions, or use <session-id>...

  • Page 613: Username Nopassword

    ProSafe Managed Switch username Use this command to add a new user to the local user database. The default privilege level is 1. Using the encrypted keyword allows the administrator to transfer local user passwords between devices without having to know the passwords. When the password parameter is used along with encrypted parameter, the password must be exactly 128 hexadecimal characters in length.

  • Page 614: Username Snmpv3 Authentication

    ProSafe Managed Switch username <username> unlock Use this command to unlock a user’s account. Only a user with read/write access can re-activate a locked user account. Format username <username> unlock Mode Global Config username snmpv3 accessmode Use this command to specify the snmpv3 access privileges for the specified login user. The valid accessmode values are readonly or readwrite.

  • Page 615: Username Snmpv3 Encryption

    ProSafe Managed Switch no username snmpv3 authentication Use this command to set the authentication protocol to be used for the specified user to none. The <username> is the user name for which the specified authentication protocol is used. Format no username snmpv3 authentication <username> Mode Global Config username snmpv3 encryption...

  • Page 616: Show Users Accounts

    ProSafe Managed Switch Term Definition User Name The name the user enters to login using the serial port, Telnet or Web. Access Mode Shows whether the user is able to change parameters on the switch (Read/Write) or is only able to view them (Read Only). As a factory default, the “admin” user has Read/Write access and the “guest”...

  • Page 617: Show Users Long

    ProSafe Managed Switch Lockout........False Override Complexity Check...... Disable Password Strength......--- UserName........guest Privilege........1 Password Aging......... --- Password Expiry........ --- Lockout........False Override Complexity Check...... Disable Password Strength......--- show users long Use this command to display the user’s full name. Format show users long Mode...

  • Page 618: Passwords History

    ProSafe Managed Switch no passwords min-length Use this command to set the minimum password length to the default value. Format no passwords min-length Mode Global Config passwords history Use this command to set the number of previous passwords that shall be stored for each user account.

  • Page 619: Passwords Lock-Out

    ProSafe Managed Switch passwords lock-out Use this command to strengthen the security of the switch by locking user accounts that have failed login due to wrong passwords. When a lockout count is configured, a user that is logged in must enter the correct password within that count. Otherwise the user will be locked out from further switch access.

  • Page 620: Passwords Strength Minimum Lowercase-Letters

    ProSafe Managed Switch no passwords strength minimum uppercase-letters Use this command to reset the minimum number of uppercase letters to the default value. Format no passwords strength minimum uppercase-characters Mode Global Config passwords strength minimum lowercase-letters Use this command to enforce a minimum number of lowercase letters that a password should contain.

  • Page 621: Passwords Strength Minimum Special-Characters

    ProSafe Managed Switch passwords strength minimum special-characters Use this command to enforce a minimum number of special characters that a password should contain. The valid range is 0-16. The default is 2. Minimum of 0 means no restriction on that set of characters. Format passwords strength minimum special-letters Mode...

  • Page 622: Passwords Strength Minimum Character-Classes

    ProSafe Managed Switch Mode Global Config Default no passwords strength maximum repeated-characters Use this command to reset the maximum number of repeated-characters to the default value. Format no passwords strength maximum repeated-characters Mode Global Config passwords strength minimum character-classes Use this command to enforce a minimum number of characters classes that a password should contain.

  • Page 623: Show Passwords Configuration

    ProSafe Managed Switch show passwords configuration Use this command to display the configured password management settings. Format show passwords configuration Mode Privileged EXEC Termd Definition Minimum Password Minimum number of characters required when changing passwords. Length Password History Number of passwords to store for reuse prevention. Password Aging Length in days that a password is valid.

  • Page 624: Aaa Authentication Login

    ProSafe Managed Switch aaa authentication login Use this command to set authentication at login. The default and optional list names that you create with the command are used with the aaa authentication login login command. Create a list by entering the authentication aaa authentication login command for a particular protocol, where...

  • Page 625: Aaa Authentication Enable

    ProSafe Managed Switch no aaa authentication login Use this command to remove authentication at login. Format no aaa authentication login {default | list-name} Mode Global Config aaa authentication enable Use this command to set authentication when the user access higher privilege level, use the command in global configuration mode.

  • Page 626: Aaa Authentication Dot1X

    ProSafe Managed Switch Note: If the default list is not set, only the enable password is checked. This has the same effect as the following command: aaa authentication enable default enable On the console, the enable password is used if it exists. If no password is set, the process will succeed anyway.

  • Page 627: Aaa Ias-User Username

    ProSafe Managed Switch no aaa authentication dot1x Use this command to remove the authentication at login. Format no aaa authentication dot1x default Mode Global Config aaa ias-user username The Internal Authentication Server (IAS) database is a dedicated internal database used for local authentication of users for network access through the IEEE 802.1X feature.

  • Page 628: Snmp Commands

    ProSafe Managed Switch clear aaa ias-users Use this command to remove all users from the IAS database. Format clear aaa ias-users Mode Privileged EXEC show aaa ias-users Use this command to display configured IAS users and their attributes. Passwords configured are not shown in the show command output. Format show aaa ias-users Mode...

  • Page 629: Snmp-Server Community Ipaddr

    ProSafe Managed Switch Default • Public and private, which you can rename. • Default values for the remaining four community names are blank. Format snmp-server community <name> Mode Global Config no snmp-server community Use this command to remove this community name from the table. The <name> is the community name to be deleted.

  • Page 630: Snmp-Server Community Mode

    ProSafe Managed Switch station, and will use that machine's IP address for the client IP address. A value of 0.0.0.0 will allow access from any IP address. The name is the applicable community name. Default 0.0.0.0 Format snmp-server community ipmask <ipmask> <name> Mode Global Config no snmp-server community ipmask...

  • Page 631: Snmp-Server Community Ro

    ProSafe Managed Switch snmp-server community ro Use this command to restrict access to switch information. The access mode is read-only (also called public). Format snmp-server community ro <name> Mode Global Config snmp-server community rw Use this command to restrict access to switch information. The access mode is read/write (also called private).

  • Page 632: Snmp-Server Enable Traps Linkmode

    ProSafe Managed Switch Format snmp-server enable traps Mode Global Config no snmp-server enable traps Use this command to disable the Authentication Flag. Format no snmp-server enable traps Mode Global Config Note: This command may not be available on all platforms. snmp-server enable traps linkmode Use this command to enable Link Up/Down traps for the entire switch.

  • Page 633: Snmp-Server Enable Traps Stpmode

    IPv4 address format as well as an IPv6 global address format. The following shows an example of the CLI command. (Netgear Switch)# snmptrap mytrap ip6addr 3099::2 Note: The <name> parameter does not need to be unique, however; the <name>...

  • Page 634: Snmptrap Snmpversion

    ProSafe Managed Switch Default snmpv2 Format snmptrap <name> {ipaddr <ipaddr|hostname> | ip6addr <ip6addr| hostname>} [snmpversion <snmpversion>] Mode Global Config no snmptrap Use this command to delete trap receivers for a community. Format no snmptrap <name> {ipaddr <ipaddr|hostname> | ip6addr <ip6addr| hostname>} Mode Global Config...

  • Page 635: Snmptrap Mode

    ProSafe Managed Switch Format snmptrap ipaddr <name> <ipaddrold> <ipaddrnew | hostnamenew> Mode Global Config snmptrap mode Use this command to activate or deactivate an SNMP trap. Enabled trap receivers are active (able to receive traps). Disabled trap receivers are inactive (not able to receive traps). Format snmptrap mode <name>...

  • Page 636: Show Snmpcommunity

    ProSafe Managed Switch Format no snmp trap link-status Mode Interface Config snmp trap link-status all Use this command to enable link status traps for all interfaces. Note: This command is valid only when the Link Up/Down Flag is enabled. For more information, see snmp-server enable traps linkmode page 632.

  • Page 637: Show Snmptrap

    The IPv4 address to receive SNMP traps from this device. IPv6 Address The IPv6 address to receive SNMP traps from this device. SNMP Version SNMPv2 Status The receiver's status (enabled or disabled). The following shows an example of the CLI command. (Netgear Switch)#show snmptrap Management Commands...

  • Page 638: Show Trapflags

    ProSafe Managed Switch Community Name IpAddress IPv6 Address Snmp Version Mode Mytrap 0.0.0.0 2001::1 SNMPv2 Enable show trapflags show trapflags Use this command to display trap conditions. The command’s display shows all the enabled OSPFv2 and OSPFv3 trapflags. Configure which traps the switch should generate by enabling or disabling the trap condition.

  • Page 639: Radius Commands

    ProSafe Managed Switch RADIUS Commands This section describes the commands you use to configure the switch to use a Remote Authentication Dial-In User Service (RADIUS) server on your network for authentication and accounting. authorization network radius Use this command to enable the switch to accept VLAN assignment by the radius server. Default disable Format...

  • Page 640: Radius Server Host

    ProSafe Managed Switch RADIUS client uses that IP address while sending NAS-IP-Address attribute in RADIUS communication. Format radius server attribute <4> [<ipaddr>] Mode Global Config Term Definition NAS-IP-Address attribute to be used in RADIUS requests. ipaddr The IP address of the server. no radius server attribute Use the version of this command to disable the NAS-IP-Address attribute global...
  • Page 641 ProSafe Managed Switch Note: To re-configure a RADIUS authentication server to use the default UDP <port>, set the <port> parameter to 1812. If you use the <acct> token, the command configures the IP address or hostname to use for the RADIUS accounting server. You can only configure one accounting server. If an accounting server is currently configured, use the “no”...

  • Page 642: Radius Server Key

    ProSafe Managed Switch address or dns name of the previously configured RADIUS authentication / accounting server. Format no radius server host {auth | acct} {<ipaddr|dnsname>} Mode Global Config The following shows an example of the command. (Switch) (Config) #radius server host acct 192.168.37.60 (Switch) (Config) #radius server host acct 192.168.37.60 port 1813 (Switch) (Config) #radius server host auth 192.168.37.60 name Network1_RADIUS_Auth_Server port 1813...

  • Page 643: Radius Server Msgauth

    ProSafe Managed Switch The following shows an example of the CLI command. radius server key acct 10.240.4.10 encrypted <encrypt-string> radius server msgauth Use this command to enable the message authenticator attribute to be used for the specified RADIUS Authenticating server. Format radius server msgauth <ipaddr|dnsname>...

  • Page 644: Radius Server Retransmit

    ProSafe Managed Switch radius server retransmit Use this command to configure the global parameter for the RADIUS client that specifies the number of transmissions of the messages to be made before attempting the fall back server upon unsuccessful communication with the current RADIUS authenticating server. When the maximum number of retries are exhausted for the RADIUS accounting server and no response is received, the client does not communicate with any other server.

  • Page 645: Show Radius

    ProSafe Managed Switch show radius Use this command to display the values configured for the global parameters of the RADIUS client. Format show radius Mode Privileged EXEC Term Definition Number of Configured The number of RADIUS Authentication servers that have been configured. Authentication Servers Number of Configured The number of RADIUS Accounting servers that have been configured.

  • Page 646: Show Radius Servers

    ProSafe Managed Switch show radius servers Use this command to display the summary and details of RADIUS authenticating servers configured for the RADIUS client. Format show radius servers [ { <ipaddr | dnsname> | name [<servername> ] } ] Mode Privileged EXEC Field Description...

  • Page 647: Show Radius Accounting

    ProSafe Managed Switch 192.168.37.200 Network1_RADIUS_Server 1813 Primary 192.168.37.201 Network2_RADIUS_Server 1813 Secondary 192.168.37.202 Network3_RADIUS_Server 1813 Primary 192.168.37.203 Network4_RADIUS_Server 1813 Secondary (Switch) #show radius servers name Current Host Address Server Name Type ------------------------ --------------------------------- ----------192.168.37.200 Network1_RADIUS_Server Secondary 192.168.37.201 Network2_RADIUS_Server Primary 192.168.37.202 Network3_RADIUS_Server Secondary 192.168.37.203 Network4_RADIUS_Server...

  • Page 648: Show Radius Accounting Statistics

    ProSafe Managed Switch If you do not specify any parameters, then only the accounting mode and the RADIUS accounting server details are displayed. Term Definition Host Address The IP address of the host. Server Name The name of the accounting server. Port The port used for communication with the accounting server.
  • Page 649 ProSafe Managed Switch Term Definition RADIUS The name of the accounting server. Accounting Server Name Server Host The IP address of the host. Address Round Trip Time The time interval, in hundredths of a second, between the most recent Accounting-Response and the Accounting-Request that matched it from this RADIUS accounting server.

  • Page 650: Show Radius Statistics

    ProSafe Managed Switch Host Address........192.168.37.200 Round Trip Time....... 0.00 Requests........0 Retransmissions....... 0 Responses........0 Malformed Responses......0 Bad Authenticators......0 Pending Requests......0 Timeouts........0 Unknown Types......... 0 Packets Dropped....... 0 show radius statistics Use this command to display the summary statistics of configured RADIUS Authenticating servers.

  • Page 651: Tacacs+ Commands

    ProSafe Managed Switch Term Definition Pending Requests The number of RADIUS Access-Request packets destined for this server that have not yet timed out or received a response. Timeouts The number of authentication timeouts to this server. Unknown Types The number of packets of unknown type that were received from this server on the authentication port.

  • Page 652: Tacacs-Server Host

    ProSafe Managed Switch with messages passed in clear text over the network; TACACS+ uses TCP to ensure reliable delivery and a shared key configured on the client and daemon server to encrypt all messages. tacacs-server host Use the tacacs-server host command in Global Configuration mode to configure a TACACS+ server.

  • Page 653: Tacacs-Server Timeout

    ProSafe Managed Switch <key-string> parameter has a range of 0 - 128 characters This key must match the key used on the TACACS+ daemon. Format no tacacs-server key <key-string> Mode Global Config tacacs-server timeout Use the tacacs-server timeout command to set the timeout value for communication with the TACACS+ servers.

  • Page 654: Show Tacacs

    ProSafe Managed Switch port Use the port command in TACACS Configuration mode to specify a server port number. The server <port-number> range is 0 - 65535. Default Format port <port-number> Mode TACACS Config priority Use the priority command in TACACS Configuration mode to specify the order in which servers are used, where 0 (zero) is the highest priority.

  • Page 655: Configuration Scripting Commands

    ProSafe Managed Switch Configuration Scripting Commands Configuration Scripting allows you to generate text-formatted script files representing the current configuration of a system. You can upload these configuration script files to a PC or UNIX system and edit them. Then, you can download the edited files to the system and apply the new configuration.

  • Page 656: Script Apply

    ProSafe Managed Switch hello hello script apply Use this command to apply the commands in the script to the switch. The <scriptname> parameter is the name of the script to apply. Format script apply <scriptname> Mode Privileged EXEC script delete Use this command to delete a specified script, where the <scriptname>...

  • Page 657: Pre-Login Banner And System Prompt Commands

    ProSafe Managed Switch script validate Use this command to validate a script file by parsing each line in the script file, where <scriptname> is the name of the script to validate.The validate option is intended to be used as a tool for script development. Validation identifies potential problems. It might not identify all problems with a given script on any given device.

  • Page 658: Switch Database Management (Sdm) Templates

    ProSafe Managed Switch Switch Database Management (SDM) Templates You can use SDM templates to configure system resources in the switch and optimize support for specific features depending on how the switch is used in the network. You can select a template to provide the maximum system usage for a specific function. For example, you could use a routing template to optimize resources for IPv4 routing if the network environment does not use IPv6 routing.

  • Page 659: Ipv6 Management Commands

    ProSafe Managed Switch active on the next reboot, if it is different from the currently active template. If the system boots with a non-default template and you clear the template configuration either using or by deleting the startup configuration, lists the default sdm prefer show sdm prefer template as the next active template.

  • Page 660: Network Ipv6 Enable

    ProSafe Managed Switch • Using IPv6 Management commands, you can send SNMP traps and queries via the network port. • The user can manage a device via the network port (in addition to a routing interface). network ipv6 enable Use this command to enable IPv6 operation on the network port. Default enabled Format...

  • Page 661: Network Ipv6 Gateway

    ProSafe Managed Switch • Disable the stateless global address autoconfiguration on the network port (with the option). autoconfig • Disable the dhcpv6 client protocol on the network port (with the option). dhcp Format address/prefix-length no network ipv6 address { [eui64] | autoconfig | dhcp} Mode Privileged EXEC...

  • Page 662: Show Network Ipv6 Dhcp Statistics

    ProSafe Managed Switch IPv6 Address MAC Address isRtr State Updated -------------------------- ----------------- ----- -------- ------- 3017::204:76FF:FE73:423A 00:04:76:73:42:3a Reachable 447535 FE80::204:76FF:FE73:423A 00:04:76:73:42:3a Delay 447540 show network ipv6 dhcp statistics Use this command to display the statistics of the DHCPv6 client running on the network management interface.

  • Page 663: Clear Network Ipv6 Dhcp Statistics

    ProSafe Managed Switch DHCPv6 Reply Packets Received......0 Received DHCPv6 Advertisement Packets Discarded..0 Received DHCPv6 Reply Packets Discarded....0 DHCPv6 Malformed Packets Received..... 0 Total DHCPv6 Packets Received......0 DHCPv6 Solicit Packets Transmitted....0 DHCPv6 Request Packets Transmitted....0 DHCPv6 Renew Packets Transmitted......

  • Page 664: Chapter 13 Log Messages

    There is no specific action that can be taken per message. When there is a problem being diagnosed, a set of these messages in the event log, along with an understanding of the system configuration and details of the problem will assist NETGEAR, Inc. in determining the root cause of such a problem.

  • Page 665: Core

    ProSafe Managed Switch Core Table 3. BSP Log Messages Component Message Cause Event(0xaaaaaaaa) Switch has restarted. Starting code... BSP initialization complete, starting 7000 series application. Table 4. NIM Log Messages Component Message Cause NIM: L7_ATTACH out of order for Interface creation out of order intIfNum(x) unit x slot x port x NIM: Failed to find interface at unit x slot x There is no mapping between the USP and...
  • Page 666 ProSafe Managed Switch Table 5. System Log Messages Component Message Cause SYSTEM Configuration file Switch CLI.cfg size is 0 The configuration file could not be read. (zero) bytes This message may occur on a system for which no configuration has ever been saved or for which configuration has been erased.

  • Page 667: Utilities

    ProSafe Managed Switch Utilities Table 6. Trap Mgr Log Message Component Message Cause Trap Mgr Link Up/Down: unit/slot/port An interface changed link state. Table 7. DHCP Filtering Log Messages Component Message Cause DHCP Filtering Unable to create r/w lock for DHCP Unable to create semaphore used for dhcp Filtering filtering configuration structure .
  • Page 668 ProSafe Managed Switch Table 9. RADIUS Log Messages Component Message Cause RADIUS RADIUS: Invalid data length - xxx The RADIUS Client received an invalid message from the server. RADIUS RADIUS: Failed to send the request A problem communicating with the RADIUS server.

  • Page 669: Management

    ProSafe Managed Switch Table 10. TACACS+ Log Messages Component Message Cause TACACS+ TACACS+: authentication error, no server TACACS+ request needed, but no servers to contact are configured. TACACS+ TACACS+: connection failed to server TACACS+ request sent to server x.x.x.x but x.x.x.x no response was received.
  • Page 670 ProSafe Managed Switch Table 14. EmWeb Log Messages Component Message Cause EmWeb EMWEB (Telnet): Max number of Telnet A user attempted to connect via telnet login sessions exceeded when the maximum number of telnet sessions were already active. EmWeb EMWEB (SSH): Max number of SSH login A user attempted to connect via SSH when sessions exceeded the maximum number of SSH sessions...
  • Page 671 ProSafe Managed Switch Table 16. WEB Log Messages Component Message Cause Max clients exceeded This message is shown when the maximum allowed java client connections to the switch is exceeded. Error on send to sockfd XXXX, closing Failed to send data to the java clients connection through the socket.
  • Page 672 ProSafe Managed Switch Table 18. SSHD Log Messages Component Message Cause SSHD SSHD: Unknown UI event in message, Failed to dispatch the UI event to the event=XXXX appropriate SSHD function as it’s an invalid event. XXXX indicates the event to be dispatched.

  • Page 673: Switching

    ProSafe Managed Switch Table 20. User_Manager Log Messages Component Message Cause User_Manager User Login Failed for XXXX Failed to authenticate user login. XXXX indicates the username to be authenticated. User_Manager Access level for user XXXX could not be Invalid access level specified for the user. determined.
  • Page 674 ProSafe Managed Switch Table 22. IP Subnet VLANS Log Messages Component Message Cause IPsubnet vlans ERROR vlanIpSubnetSubnetValid :Invalid This occurs when an invalid pair of subnet subnet and netmask has come from the CLI IPsubnet vlans IP Subnet Vlans: failed to save This message appears when save configuration configuration of subnet vlans failed...
  • Page 675 ProSafe Managed Switch Table 23. Mac-based VLANs Log Messages Component Message Cause Mac based vlanMacVlanChangeCallback: Failed to This appears when a dtl fails to add an VLANS add an entry entry for a vlan add notify event. Mac based vlanMacVlanChangeCallback: Failed to This appears when a dtl fails to delete an VLANS delete an entry...
  • Page 676 ProSafe Managed Switch Table 25. IGMP Snooping Log Messages Component Message Cause IGMP Snooping Failed to set igmp mrouter mode %d for Failed to set VLAN multicast router mode interface xxx on Vlan yyy due to IGMP Snooping message queue being full IGMP Snooping snoopCnfgrInitPhase1Process: Error Could not allocate buffers for small IGMP...
  • Page 677 ProSafe Managed Switch Table 27. 802.3ad Log Messages Component Message Cause 802.3ad dot3adReceiveMachine: received default Received a LAG PDU and the RX state event %x machine is ignoring this LAGPDU 802.3ad dot3adNimEventCompletionCallback, The event sent to NIM was not completed dot3adNimEventCreateCompletionCallbac successfully k: DOT3AD: notification failed for...
  • Page 678 ProSafe Managed Switch Table 32. 802.1Q Log Messages Component Message Cause 802.1Q dot1qIssueCmd: Unable to send message dot1qMsgQueue is full. %d to dot1qMsgQueue for vlan %d - %d msgs in queue 802.1Q dot1qVlanCreateProcess: Attempt to This accommodates for reserved vlan ids. create a vlan with an invalid vlan id %d ;...

  • Page 679: Qos

    ProSafe Managed Switch Table 35. Protocol-based VLANs Log Messages Component Message Cause Protocol Based pbVlanCnfgrInitPhase2Process: Unable to Appears when nimRegisterIntfChange fails VLANs register NIM callback to register pbVlan for link state changes. Protocol Based pbVlanCnfgrInitPhase2Process: Unable to Appears when vlanRegisterForChange VLANs register pbVlan callback with vlans fails to register pbVlan for vlan changes.

  • Page 680: Routing/Ipv6 Routing

    ProSafe Managed Switch Table 38. DiffServ Log Messages Component Message Cause DiffServ diffserv.c 165: diffServRestore Failed to While attempting to clear the running reset DiffServ. Recommend resetting configuration an error was encountered in device removing the current settings. This may lead to an inconsistent state in the system and resetting is advised.
  • Page 681 ProSafe Managed Switch Table 40. OSPFv2 Log Messages (Continued) Component Message Cause OSPFv2 Warning: OSPF LSDB is 90% full (22648 OSPFv2 limits the number of Link State LSAs). Advertisements (LSAs) that can be stored in the link state database (LSDB). When the database becomes 90 or 95 percent full, OSPFv2 logs this warning.
  • Page 682 ProSafe Managed Switch Table 42. Routing Table Manager Log Messages Component Message Cause Routing Table RTO is full. Routing table contains 8000 The routing table manager, also called Manager best routes, 8000 total routes. “RTO,” stores a limited number of best routes, based on hardware capacity.

  • Page 683: Multicast

    ProSafe Managed Switch Table 45. RIP Log Message Component Message Cause RIP : discard response from xxx via When RIP response is received with a unexpected interface source address not matching the incoming interface’s subnet. Table 46. DHCP6 Log Message Component Message Cause...
  • Page 684 ProSafe Managed Switch Table 49. IGMP-Proxy Log Messages Component Message Cause IGMP-Proxy Error getting memory for igmp host group When we are unable to allocate memory for record the IGMP group record in the Host (Proxy) table IGMP-Proxy Error getting memory for source record When we are unable to allocate memory for the IGMP source record in the Host (Proxy) table...

  • Page 685: Stacking

    ProSafe Managed Switch Table 51. PIM-DM Log Messages Component Message Cause PIM-DM Out of memory when creating xxx This message is logged when there is insufficient memory to accommodate a new neighbor/(S,G) Entry, Prune, Graft, Join etc. PIM-DM Error entry->ll_xxx LL creation error This message is logged when the SLL creation is Failed.

  • Page 686: Technologies

    ProSafe Managed Switch Technologies Table 54. System General Error Messages Component Message Cause Invalid USP unit = x, slot = x, port =x A port was not able to be translated correctly during the receive. In hapiBroadSystemMacAddress call to Failed to add an L2 address to the MAC 'bcm_l2_addr_add' - FAILED : x table.
  • Page 687 ProSafe Managed Switch Table 54. System General Error Messages Component Message Cause USL: A Trunk being created by bcmx Possible synchronization issue between already existed in USL the application, hardware, and sync layer USL: A Trunk being destroyed doesn't exist Possible synchronization issue between in USL the application, hardware, and sync layer.

  • Page 688: O/S Support

    ProSafe Managed Switch Table 54. System General Error Messages Component Message Cause USL: failed to sync L3 Route table on unit= Could not synchronize unit x due to a transport failure or API issue on remote unit. A synchronization retry will be issued USL: failed to sync initiator table on unit=x Could not synchronize unit x due to a transport failure or API issue on remote...
  • Page 689 ProSafe Managed Switch Table 55. OSAPI Log Messages (Continued) Component Message Cause OSAPI osapiCleanupIf: NetIPGet During the call to remove the interface from the route table, the attempt to get an ipv4 interface address from the stack failed. OSAPI osapiCleanupIf: NetMaskGet During the call to remove the interface from the route table ,the attempt to get the ipv4 interface mask from the stack failed.

  • Page 690: Chapter 14 Captive Portal Commands

    Captive Portal Commands The Captive Portal feature is a software implementation that blocks clients from accessing the network until user verification has been established. Verification can be configured to allow access for both guest and authenticated users. Authenticated users must be validated against a database of authorized Captive Portal users before access is granted.

  • Page 691: Http Port

    ProSafe Managed Switch enable Use this command to globally enable captive portal. Default disabled Format enable Mode Captive Portal Configuration mode no enable Use this command to globally disable captive portal. Default disabled Format no enable Mode Captive Portal Configuration mode http port Use this command to configure an additional HTTP port for captive portal to monitor.

  • Page 692: Authentication Timeout

    ProSafe Managed Switch no https port Use this command to reset the HTTPs port to the default HTTPS port 443. Format no https port Mode Captive Portal Configuration mode authentication timeout Use this command to configure the authentication timeout. If the user does not enter valid credentials within this time limit, the authentication page needs to be served again in order for the client to gain access to the network.

  • Page 693: Show Captive-Portal Status

    ProSafe Managed Switch Administrative Mode....... Disabled Operational Status......Disabled Disable Reason......Administrator Disabled CP IP Address....1.2.3.4 show captive-portal status Use this command to report the status of all captive portal instances in the system. Format show captive-portal status Mode Privileged EXEC mode Term Definition...

  • Page 694: Captive Portal Configuration Commands

    ProSafe Managed Switch Captive Portal Configuration Commands The commands in this section are related to captive portal configurations. configuration (Captive Portal) Use this command to enter the captive portal instance mode. The captive portal configuration identified by CP ID 1 is the default CP configuration. The system supports a total of ten CP configurations.
  • Page 695 ProSafe Managed Switch Format name <cp-name> Mode Captive Portal Instance mode no name Use this command to remove a configuration name. Format no name Mode Captive Portal Instance mode protocol Use this command to configure the protocol mode for a captive portal configuration. The default protocol is http.

  • Page 696: Redirect (Captive Portal)

    ProSafe Managed Switch no group Use this command to reset the group number to the default. Default Format no group <1-10> Mode Captive Portal Instance mode redirect (Captive Portal) Use this command to enable the redirect mode for a captive portal configuration. Use the “no” form of this command to disable redirect mode.
  • Page 697 ProSafe Managed Switch no max-bandwidth-down Use this command to reset the maximum rate to the default. Format no max-bandwidth-down Mode Captive Portal Instance mode max-bandwidth-up Use this command to configure the maximum rate at which a client can send data into the network.

  • Page 698: Session-Timeout (Captive Portal)

    ProSafe Managed Switch max-output-octets Use this command to configure the maximum number of octets the user is allowed to receive. After this limit has been reached the user will be disconnected. The number of octets is in bytes. 0 indicates limit not enforced Use the “no”. Default Format max-output-octets <0-4294967295>...
  • Page 699 ProSafe Managed Switch no session-timeout Use this command to reset the session timeout to the default. Format session-timeout <0-86400> Mode Captive Portal Instance mode idle-timeout Use this command to configure the idle timeout for a captive portal configuration. 0 indicates timeout not enforced.

  • Page 700: Captive Portal Status Commands

    ProSafe Managed Switch interface (Captive Portal) Use this command to associate an interface with a captive portal configuration. Format interface <unit/slot/port> Mode Captive Portal Instance Config mode no interface Use this command to remove an association with a captive portal configuration. Format no interface <unit/slot/port>...

  • Page 701: Show Captive-Portal Configuration Interface

    ProSafe Managed Switch Term Definition CP ID The captive portal ID CP Name The captive portal instance name Operational The operational status is enabled or disabled. Status Disable Reason If the operational status is disabled, this field shows the reason. Blocked Status Blocked status shows if this captive portal instance block all traffic.

  • Page 702: Show Captive-Portal Configuration Status

    ProSafe Managed Switch If the interface is specified. The following term will be displayed. Term Definition Authenticated The number of authenticated users associated with the CP ID. users Example (Switch)#show captive-portal configuration 1 interface CP ID........1 CP Name........cp1 Operational Block Interface...
  • Page 703 ProSafe Managed Switch If the interface is specified, the following terms are displayed. Term Definition Group Name The name of the group associated with this captive portal instance. Redirect URL The redirect mode for this captive portal instance Mode Redirect URL The redirect URL is up to 512 characters.

  • Page 704: Captive Portal Client Connection Commands

    ProSafe Managed Switch show captive-portal configuration locales Use this command to display locales associated with a specific captive portal configuration. <1-10> is captive port ID. Format show captive-portal configuration <1-10> locales Mode Privileged EXEC mode Example (switch)#show captive-portal configuration 1 locales Locale Code --------------- show captive-portal trapflags...
  • Page 705 ProSafe Managed Switch Term Definition Client MAC The MAC address of the authenticated user Address Client IP Address The IP address of the authenticated user Protocol The protocol the user is using to access the network. Verification The verification mode for this client. Session Time The current session time since the client is authenticated.

  • Page 706: Show Captive-Portal Client Statistics

    ProSafe Managed Switch show captive-portal client statistics Use this command to display the statistics for a specific captive portal client. The macaddr is client MAC address. Format show captive-portal client <macaddr> statistics Mode Privileged EXEC mode Term Definition Client MAC The MAC address of the authenticated client address Bytes Received...

  • Page 707: Show Captive-Portal Configuration Client Status

    ProSafe Managed Switch If the interface is specified, the following terms are displayed. Term Definition CP ID The ID of the captive portal associated with the client CP Name The name of the captive portal associated with the client Protocol The protocol the client is using Verification The user verification mode...

  • Page 708: Captive Portal Interface Commands

    ProSafe Managed Switch If the CP ID is specified, the following terms are displayed. Term Definition Interface The description of the interface Description Example (switch)#show captive-portal configuration client status CP ID CP Name Client MAC Address Client IP Address Interface ----- ------- ------------------...

  • Page 709: Captive Portal Local User Commands

    ProSafe Managed Switch Term Definition Interface The interface associated with the CP ID. Interface The description of the interface Description Type The type of the interface Example (switch)#show captive-portal interface configuration status CP ID CP Name Interface Interface Description Type ----- ------------ --------- ---------------------------- --------...

  • Page 710: User Name

    ProSafe Managed Switch user name Use this command to modify the user name for a local captive portal user. <1-128> is the user ID and the name is the user name in the range of 1-32 characters. The local user must exist before you use this command.

  • Page 711: User Idle-Timeout

    ProSafe Managed Switch user idle-timeout Use this command to set the session idle timeout value for a captive portal user. <1-128> is the user ID. The range of idle timeout is 0-900 seconds. 0 indicates use global configuration. Default Format user <1-128>...

  • Page 712: User Max-Input-Octets

    ProSafe Managed Switch no user max-bandwidth-up Use this command to reset the limit to the default. Format user <1-128> max-bandwidth-up Mode Captive Portal Configuration mode user max-input-octets Use this command to limit the number of octets the user is allowed to transmit. After this limit has been reached the user will be disconnected.

  • Page 713: User Max-Total-Octets

    ProSafe Managed Switch user max-total-octets Use this command to limit the number of bytes the user is allowed to transmit and receive. The maximum number of octets is the sum of octets transmitted and received. After this limit has been reached the user will be disconnected. <1-128> is the user ID. The range of octets is 0-4294967295.
  • Page 714 ProSafe Managed Switch If the user ID is specified, the following terms are displayed. Term Definition Password If the password is configured. Configured Max Bandwidth Maximum client transmit rate (b/s). Limits the bandwidth at which the client can send Up (bytes/sec) data into the network.

  • Page 715: Captive Portal User Group Commands

    ProSafe Managed Switch clear captive-portal users Use this command to delete all captive portal user entries. Format clear captive-portal users Mode Privileged EXEC mode Captive Portal User Group Commands The following section describes captive portal user group commands. user group (Create) Use this command to create a user group.
  • Page 716 Command List {deny | permit} (IP ACL) ............477 {deny | permit} (IPv6) .
  • Page 717 ProSafe Managed Switch area virtual-link retransmit-interval (OSPF) ........276 area virtual-link retransmit-interval (OSPFv3) .
  • Page 718 ProSafe Managed Switch clear aaa ias-users ............628 clear arp-cache .
  • Page 719 ProSafe Managed Switch clock summer-time recurring ..........539 clock timezone .
  • Page 720 ProSafe Managed Switch default-metric (RIP) ............310 default-router .
  • Page 721 ProSafe Managed Switch dot1x re-authentication ............95 dot1x supplicant max-start .
  • Page 722 ProSafe Managed Switch ip arp inspection trust ............155 ip arp inspection validate .
  • Page 723 ProSafe Managed Switch ip igmp query-max-response-time ..........342 ip igmp robustness .
  • Page 724 ProSafe Managed Switch ip route default ............. 241 ip route distance .
  • Page 725 ProSafe Managed Switch ipv6 ospf area ............. . 376 ipv6 ospf cost .
  • Page 726 ProSafe Managed Switch lldp med ..............194 lldp med all .
  • Page 727 ProSafe Managed Switch match dstip6 ............. . . 453 match dstl4port .
  • Page 728 ProSafe Managed Switch no [ietf] nsf restart-interval (OSPFv3) ..........409 no boot auto-copy-sw .
  • Page 729 ProSafe Managed Switch ping ipv6 ..............532 ping ipv6 interface .
  • Page 730 ProSafe Managed Switch redirect ..............459 redirect (Captive Portal) .
  • Page 731 ProSafe Managed Switch set igmp unknow-multicast filter ..........166 set mld .
  • Page 732 ProSafe Managed Switch show dhcp l2relay all ............142 show dhcp l2relay interface .
  • Page 733 ProSafe Managed Switch show ip dvmrp route ............328 show ip helper statistics .
  • Page 734 ProSafe Managed Switch show ip stats ............. . . 250 show ip verify source .
  • Page 735 ProSafe Managed Switch show isdp entry ............. 218 show isdp interface .
  • Page 736 ProSafe Managed Switch show passwords result ............623 show poe .
  • Page 737 ProSafe Managed Switch show stack-port diag ............30 show storm-control .
  • Page 738 ProSafe Managed Switch sntp unicast client poll-interval ..........537 sntp unicast client poll-retry .
  • Page 739 ProSafe Managed Switch storm-control unicast rate (Global) ..........116 switch priority .
  • Page 740 ProSafe Managed Switch vlan database ............. . . 64 vlan ingressfilter .

This manual is also suitable for:

Prosafe gsm5212pProsafe gsm7212fProsafe gsm7212pXsm7224sProsafe xsm7224s

Table of Contents